A ransomware gang compromised Marquis, a Texas-based financial services provider, in August 2025 by exploiting a vulnerability in a SonicWall firewall. The attack led to the theft of personal and financial data for 672,075 individuals and disrupted operations at 74 banks across the United States.
Initial Access
SonicWall Vulnerability Exploited
confirmed
Threat actors exploited a vulnerability in a SonicWall firewall's cloud backup service, which was part of a broader security breach disclosed by SonicWall in September 2025.
Defender cut points
Timely patching and vulnerability management for all network devices and associated cloud servicesSecure configuration baselines for firewalls and cloud backup solutions
