A fintech company named Marquis is informing dozens of U.S. banks and credit unions that their customer data was stolen in a cyberattack earlier this year. Details of the incident emerged this week after Marquis filed data breach notices with several U.S. states, confirming its August 14 event was a ransomware attack.
The Texas-based company is a marketing and compliance provider that helps banks and other financial institutions collect and visualize their customer data in one place. The company serves more than 700 banking and credit union customers. Consequently, Marquis stores large amounts of data belonging to consumer banking customers across the United States.
At least 400,000 people are confirmed affected so far, according to legally required disclosures filed in the states of Iowa, Maine, Texas, Massachusetts, and New Hampshire. Texas has the largest number of affected residents, with at least 354,000 people impacted.
In its notice to Maine’s attorney general, Marquis stated that banking customers with the Maine State Credit Union accounted for the majority of its data breach notifications for that state, representing around one-in-nine people known to be affected there. The total number of individuals affected by the breach is expected to rise as more notifications are filed with other states.
Marquis said the hackers stole customer names, dates of birth, postal addresses, and financial information, including bank account, debit card, and credit card numbers. The company also confirmed that Social Security numbers were taken.
According to its recent notices, Marquis attributed the ransomware attack to hackers who exploited a vulnerability in its SonicWall firewall. This vulnerability was considered a zero-day, meaning the flaw was not known to SonicWall or its customers before hackers maliciously exploited it.
Marquis did not attribute the attack to a specific group. However, the Akira ransomware gang was reportedly behind mass hacks targeting SonicWall customers at the time.