Marquis ransomware breach exposes 672000 individuals 74 banks

Marquis, a provider of marketing and compliance solutions for credit unions and banks, revealed this week that a data breach disclosed last year affects roughly 672,000 individuals. The Texas-based company discovered in August 2025 that hackers had gained access to its systems. In a notification made public in December, it reported that the attackers had stolen personal information such as names, addresses, SSNs, dates of birth, taxpayer identification numbers, and financial information, including payment card numbers. The information was stored Comparitech estimated in February 2026 that as many as 1.6 million people could be affected. However, Marquis told the Maine Attorney General's Office this week that just over 672,000 are affected. If 672,000 is the actual number of impacted individuals, some of the numbers shared No cybercrime group has taken credit for the attack on Marquis, but Comparitech previously reported that a now-removed data breach notice from an Iowa credit union revealed that Marquis had paid a ransom, a claim that the fintech company has yet to confirm. The company did not immediately respond to SecurityWeek's request to confirm or deny the claim. Marquis previously said the attack exploited a SonicWall firewall vulnerability. Around the time the company discovered the attack, the Akira ransomware group had ramped up its exploitation of SonicWall firewall flaws.