Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack
Source: TechCrunch
Lawsuit Overview
Fintech giant Marquis has filed a lawsuit against its firewall provider SonicWall, alleging that a breach of SonicWall’s cloud backup service allowed hackers to steal sensitive information about customer firewalls, leading to a ransomware attack on Marquis’ network. The complaint was filed in the U.S. District Court for the Eastern District of Texas and seeks a jury trial.
Background
- SonicWall breach – SonicWall first admitted a breach in mid‑September 2025, initially stating that fewer than 5 % of customer firewall configuration backup files were exfiltrated from its Amazon‑hosted storage servers. In October, SonicWall conceded that every customer’s backup files had been stolen.
- Marquis notification – In December 2025, Marquis began notifying affected parties that its networks had been breached in August 2025.
Allegations
- The lawsuit claims the 2025 breach at SonicWall “exposed critical security information for Marquis and every customer that used SonicWall’s firewall cloud backup service.”
- According to Marquis CEO Satin Mirchandani, SonicWall “failed to secure its backup service,” causing “significant reputational, operational, and financial harm.”
- The complaint states that SonicWall “allowed a threat actor to obtain the keys to bypass that line of defense and walk right into Marquis’s internal network, the very thing that SonicWall’s firewall was supposed to prevent.”
How the Attack Unfolded
- Hackers allegedly used information stolen from SonicWall about how customers configure their firewalls, including emergency passcodes (scratch codes), to gain access to Marquis’ internal network.
- Once inside, the attackers deployed ransomware that scrambled Marquis’ systems.
Data Compromised
Marquis, which provides data‑visualization services to hundreds of banks and credit unions, reported that the hackers obtained personally identifiable information for customers of its financial‑institution clients, including:
- Names, dates of birth, postal addresses
- Bank account, debit, and credit‑card numbers
- Social Security numbers
Impact
- At least 400,000 people across the U.S. are known to be affected, according to a listing with the Texas Attorney General.
- The number of affected individuals is expected to rise as more breach notifications are filed with state attorneys general.
SonicWall’s Response
- A SonicWall spokesperson did not immediately comment on the lawsuit.
- SonicWall has not disclosed when hackers first gained access to its systems or provided non‑public details about the root cause of the breach.
Marquis’ Statements
“While we were able to secure our network and client data quickly, our investigation revealed that our exposure to threat actors was due to SonicWall’s network breach and failure to notify us that our firewall protection was potentially compromised.” – Satin Mirchandani, CEO, Marquis
“We hope to learn more through the litigation process.” – Satin Mirchandani