Texas, USA – Fintech and marketing services provider Marquis has informed U.S. banks and credit unions that it experienced a ransomware attack in August, potentially compromising sensitive customer data. The company disclosed the breach in a filing with Maine’s Attorney General on Tuesday.

“Suspicious activity was detected on our network, and subsequent investigation confirmed a ransomware intrusion,” Marquis stated in its official filing.

How the Breach Occurred

Marquis’ investigation revealed that hackers exploited the company’s SonicWall firewall on August 14, 2025, gaining unauthorized access to files containing information from business clients. The breach potentially affected both current and former business customers whose data Marquis managed, including U.S. banks and credit unions.

Data Potentially Exposed

The compromised files reportedly contained sensitive personal and financial information, such as:

• Names, addresses, and phone numbers
• Dates of birth
• Social Security numbers and taxpayer identification numbers
• Certain financial account details

While Marquis stated that there is no evidence of misuse of the exposed data to date, the company is issuing notices to affected businesses as a precautionary measure.

Industry Implications

Cybersecurity experts note that ransomware attacks targeting fintech firms pose a significant threat to financial institutions, given the sensitive nature of client data. The breach underscores the need for robust firewall protection, proactive monitoring, and incident response plans across the financial services sector.

The incident also highlights ongoing cybersecurity risks for marketing and data management vendors that handle sensitive customer information for banks and other regulated institutions. Analysts recommend organizations review third-party vendor security practices to prevent potential data exposure.