Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Fintech giant Marquis is suing firewall provider SonicWall, alleging that an earlier breach allowed hackers to steal confidential customer information that led to a ransomware attack on Marquis’ network.
case, written on Monday The US Supreme Court for the Eastern District of Texas wants to hear the case. It says the 2025 breach at SonicWall “exposed critical security information for Marquis and every customer that used SonicWall’s cloud backup services.”
Marquis CEO Satin Mirchandani told TechCrunch in a statement that SonicWall allegedly failed to protect its backup services, causing the company “significant damage to reputation, operations and finances.”
News of the lawsuit comes weeks after TechCrunch reported that Marquis was preparing to seek compensation from SonicWall. The Plano, Texas-based fintech giant told its customers that it blamed SonicWall for allowing hackers to steal information about customer configuration files, including its own.
“SonicWall allowed an attacker to obtain keys to bypass the security system and access Marquis’ internal network, which should have been prevented by SonicWall’s firewall,” he complains.
Firewalls are designed to prevent access to the company’s network, but Marquis says the attackers who compromised its network with ransomware used information stolen from SonicWall about how its customers configure their firewalls, including emergency passcodes (known as scratch codes) that allow access to Marquis’ internal network.
Marquis, which allows hundreds of banks and credit unions to access their customers’ information, said the hackers took “personally identifiable information about certain Marquis financial institution customers” in its cyber attack.
The stolen data includes customer names, dates of birth, mailing addresses, and financial information, including bank account, credit card, and debit card numbers, as well as customer Social Security numbers.
A SonicWall spokesperson did not comment on the lawsuit.
SonicWall at first he agreed breach of its systems in mid-September, when it said that less than 5% of customer storage files were leaked from its storage servers, which are hosted on Amazon’s cloud and backed by SonicWall. Firewall developer in October agreed that basically every customer had their firewall backup files stolen in the breach.
Marquis in December 2025 they started informing the concerned people that his network was broken in August. SonicWall did not say when the hackers gained access to its systems.
It is still unclear what caused the SonicWall breach. In his complaint, Marquis alleges that SonicWall made a code change to one of its APIs several months ago, in February 2025, that “created a vulnerability that could be used by attackers.” Marquis said the flaw allowed hackers to access customer backup files “without proper authentication” by guessing firewall passwords.
“While we were able to quickly secure our network and customer base, our investigation revealed that our exposure to attackers was due to a breach in SonicWall’s network and failure to notify us that our threat protection could be compromised,” said Mirchandani, CEO of Marquis, in a statement shared with TechCrunch.
Mirchandani told TechCrunch that SonicWall has yet to provide any non-public information about what led to its breach.
“We hope to learn more through the court process,” Mirchandani said.
Marquis did not say how many people were affected by its data breach. According to a statement by the Texas Attorney General, about 400,000 people across the US known to be involved in the breach of the fintech giant.
The number of people affected is expected to rise as notifications of data breaches are made to US attorneys general.
