Marquis sues SonicWall over backup breach that led to ransomware attack
Bleeping Computer
by Bill ToulasFebruary 25, 2026
AI-Generated Deep Dive Summary
Marquis Software Solutions has filed a lawsuit against cybersecurity firm SonicWall, alleging gross negligence and misrepresentation that led to a ransomware attack affecting 74 U.S. banks. The breach occurred after hackers exploited a vulnerability in SonicWall's MySonicWall cloud backup service, which was introduced via an API code change in February 2025. This flaw allowed unauthorized access to sensitive configuration data, including AES-256 encrypted credentials and MFA scratch codes, ultimately leading to the compromise of Marquis' network on August 14, 2025. The attack resulted in the theft of personal and financial information from over 700 financial institutions, including banks and mortgage lenders.
Marquis claims that despite having an updated firewall with MFA enabled, the attack was successful due to SonicWall's failure to address the security gap promptly. An investigation by Mandiant revealed the attackers were state-sponsored hackers who exploited the cloud backup infrastructure to bypass MFA and infiltrate Marquis' systems. The breach not only disrupted operations but also exposed sensitive customer data, leading to over 36 consumer class action lawsuits against Marquis.
The lawsuit accuses SonicWall of withholding critical information about the vulnerability and failing to disclose the incident for three weeks, despite knowing it impacted all its customers. Marquis seeks monetary damages, indemnification, contribution for related legal actions, attorneys’ fees, and equitable relief. The case highlights the risks of third-party vendor vulnerabilities and the importance of securing cloud infrastructure to prevent similar attacks.
This matter underscores the growing complexity of
Verticals
securitytech
Originally published on Bleeping Computer on 2/25/2026