## Fintech Firm Marquis Alleges Firewall Provider Blame in Major Data Breach, Seeks Compensation
A significant data breach at the fintech firm Marquis has led to accusations against its firewall service provider, SonicWall. Marquis has informed its customers of its intention to pursue compensation, claiming that a prior security incident at SonicWall facilitated the devastating ransomware attack that compromised its clients’ personal and financial data.
### The Ransomware Attack and Its Far-Reaching Impact
In August 2025, Marquis fell victim to a ransomware attack that allowed cybercriminals to infiltrate its systems. The Texas-based company, which provides critical data visualization services to hundreds of banks and credit unions across the U.S., subsequently began notifying hundreds of thousands of individuals that their sensitive information had been stolen. This compromised data includes a vast array of personal details, financial records, and Social Security numbers. While a definitive count of affected individuals has not yet been disclosed by Marquis, the number is anticipated to escalate as further breach notifications are filed with state attorneys general.
### Marquis’s Core Allegation: A Cloud Backup Compromise
According to a memo shared with its customers, Marquis posits that the August 2025 attack stemmed from an earlier data breach experienced by its firewall service provider, SonicWall. Marquis asserts that this prior breach exposed critical security information pertaining to its customers’ firewalls, including login credentials. The fintech firm’s internal investigation, supported by a third-party cybersecurity firm, concluded that hackers obtained details about Marquis’s firewall during the SonicWall incident, subsequently exploiting this information to bypass its security defenses. Crucially, Marquis confirmed that it had stored a backup of its firewall configuration file within SonicWall’s cloud environment.
A spokesperson for Marquis, Hanna Grimm, reiterated this position, stating, “In September 2025, after the data security incident affected our systems, our firewall service provider, an industry-leading cybersecurity company, publicly disclosed that a threat actor had earlier in the year gained unauthorized access to its cloud backup service.” The statement further clarified that while the provider initially downplayed the scope, it later admitted in October 2025 that firewall configuration data and credentials for *all* customers utilizing the cloud backup service, including Marquis, had been accessed.
Furthermore, Marquis’s third-party investigation also scrutinized a potential unpatched vulnerability within its own systems at the time of the breach. However, the findings concluded that this specific flaw was not exploitable in a manner that could have granted hackers access to the company’s sensitive data.
### The Pursuit of Compensation and Recoupment
In light of these findings, Marquis has indicated it is “evaluating its options” concerning its firewall provider. This evaluation includes exploring avenues for “recoupment of any expenses spent by Marquis and its customers in responding to the data incident.” This signals a clear intent to seek financial redress for the substantial costs associated with mitigating the breach, customer notifications, and potential legal ramifications.
### SonicWall’s Counter-Perspective
In response to Marquis’s claims, SonicWall has requested substantiating evidence from its customer. Bret Fitzgerald, a spokesperson for SonicWall, stated that the company “has no new evidence to establish a connection between the SonicWall security incident reported in September 2025 and ongoing global ransomware attacks on firewalls and other edge devices.”
It is important to note that SonicWall did concede in October 2025 that its earlier breach had indeed impacted all customers who backed up their firewall files to its cloud. This was a significant clarification, as earlier reports from SonicWall had suggested that only a small fraction of customers’ firewall configuration files, which contain policies and settings, had been compromised.
### The Broader Implications for Cybersecurity Accountability
The unfolding dispute between Marquis and SonicWall underscores the complex landscape of cybersecurity accountability, particularly when multiple vendors are involved in a company’s protective infrastructure. As organizations increasingly rely on third-party providers for their security solutions, the question of responsibility in the event of a breach becomes paramount. The outcome of Marquis’s pursuit for compensation could set a significant precedent for how such inter-company security liabilities are addressed in the future.