Ransomware - Marquis Reports Data Theft of 672K Individuals

Basically, a ransomware gang stole personal data from a financial company, affecting many people.

Quick Summary

Marquis, a Texas financial services firm, suffered a ransomware attack affecting over 670,000 individuals. The breach compromised sensitive personal data, raising serious security concerns. Affected individuals should monitor their accounts closely and take protective measures.

What Happened

In August 2025, Marquis, a Texas-based financial services provider, experienced a significant ransomware attack that led to the theft of data belonging to over 670,000 individuals. This incident not only compromised personal information but also disrupted operations at 74 banks across the United States. Marquis provides a variety of services, including digital marketing and data analytics, to over 700 banks, credit unions, and mortgage lenders.

The attack was initiated when the ransomware gang exploited a vulnerability in a SonicWall firewall. After breaching Marquis’s network, the attackers accessed and stole a wide range of sensitive data, including names, dates of birth, Social Security numbers, and financial account information. Marquis disclosed the breach in notifications sent to affected individuals, emphasizing that the incident was limited to its own systems and did not compromise customer systems.

Who's Affected

The 672,075 individuals affected by this breach include customers of Marquis and its partner institutions. The stolen data may have serious implications for those involved, as it includes critical personal and financial information. Marquis has stated that they are working diligently to notify affected individuals and assist in mitigating any potential fallout from the breach.

In addition to the direct impact on individuals, the breach has broader implications for the financial services sector. With 74 banks affected, the incident raises questions about the security measures in place to protect sensitive data across the industry. The incident could lead to a loss of trust among customers who rely on these financial institutions.

What Data Was Exposed

The data stolen during the ransomware attack includes:

  • Names
  • Dates of birth
  • Addresses
  • Phone numbers
  • Social Security numbers
  • Taxpayer Identification Numbers
  • Financial account information (without security codes)

This kind of information can be exploited for identity theft and financial fraud, making it imperative for affected individuals to monitor their financial accounts closely and take protective measures.

What You Should Do

If you believe you may be affected by this breach, here are some steps you should take:

  1. Monitor your financial accounts for any suspicious activity.
  2. Consider placing a fraud alert on your credit reports to prevent new accounts from being opened in your name.
  3. Review your credit reports regularly for inaccuracies or unfamiliar accounts.
  4. Stay informed about any updates from Marquis or your financial institutions regarding this incident.

In light of this breach, it’s crucial for all organizations, especially in the financial sector, to review and strengthen their cybersecurity protocols. Regular training, updated software, and robust incident response plans can help mitigate the risk of future attacks.

🔒 Pro insight: This incident highlights the critical need for robust firewall security and incident response planning in the financial sector.

Original article from BleepingComputer · Sergiu Gatlan
