Fintech firm Marquis alerts dozens of US banks and credit unions of a data breach after ransomware attack

Fintech institution Marquis is notifying dozens of U.S. banks and recognition unions that they had lawsuit information stolen successful a cyberattack earlier this year. 

Details of the cyberattack emerged this week aft Marquis filed information breach notices with respective U.S. states confirming its August 14 incidental arsenic a ransomware attack.

Texas-based Marquis is simply a selling and compliance supplier that allows banks and different fiscal institutions to cod and visualize each of their lawsuit information successful 1 place. The institution counts more than 700 banking and recognition national customers connected its website. As such, Marquis has entree to and stores ample amounts of information belonging to user banking customers crossed the United States.

At slightest 400,000 radical are truthful acold confirmed affected by the information breach, according to legally required disclosures filed successful the states of Iowa, Maine, Texas, Massachusetts, and New Hampshire that TechCrunch has reviewed.

Texas has the largest fig of authorities residents truthful acold who had information stolen successful the breach, affecting astatine slightest 354,000 people.

Marquis said in its notice with Maine’s lawyer wide that banking customers with the Maine State Credit Union accounted for the bulk of its information breach notifications, oregon astir one-in-nine radical who are known to beryllium affected passim the state.

The fig of individuals affected by the breach is expected to emergence arsenic much information breach notifications rotation successful from different states.

Marquis said the hackers stole lawsuit names, dates of birth, postal addresses, and fiscal information, specified arsenic slope account, debit, and recognition paper numbers. Marquis said the hackers besides stole customers’ Social Security numbers.

According to its astir caller notices, Marquis blamed the ransomware onslaught connected hackers who exploited a vulnerability successful its SonicWall firewall. The vulnerability was considered a zero-day, meaning the flaw was not known to SonicWall oregon its customers earlier it was maliciously exploited by hackers. 

Marquis did not property the ransomware onslaught to a peculiar group, but the Akira ransomware pack was reportedly down the mass-hacks targeting SonicWall customers astatine the time. 

TechCrunch asked Marquis if it is alert of the full fig of radical affected by the breach, and if Marquis received immoderate connection from the hackers oregon if the institution paid a ransom, but we did not perceive backmost by the clip of publication.

Do you cognize much astir the Marquis information breach? Do you enactment astatine Marquis oregon a institution affected by the breach? We would emotion to perceive from you. To securely interaction this reporter, you tin scope retired utilizing Signal via the username: zackwhittaker.1337