"Marquis said it believes that its August 2025 ransomware attack happened because the company's firewall service provider SonicWall had its own data breach that exposed critical security information about its customers' firewalls. Marquis said its third-party investigation determined that the hackers obtained information about its firewall during the breach at SonicWall, which Marquis claims was used to circumvent its firewall. Marquis confirmed in the communication that it stored a backup of its firewall configuration file in SonicWall's cloud."
""In September 2025, after the data security incident affected our systems, our firewall service provider, an industry-leading cybersecurity company, publicly disclosed that a threat actor had earlier in the year gained unauthorized access to its cloud backup service," the statement said. "Marquis had recently begun using this provider's firewalls to help protect our network," the statement added. "While the provider initially reported that fewer than 5% of customers were affected, it later clarified in October 2"
Marquis experienced an August 2025 ransomware attack that exposed customers' personal and financial data. The company attributes the attack to a prior breach of its firewall provider SonicWall, which allegedly exposed critical firewall security information and credentials. Marquis' third-party investigation concluded that attackers used information obtained from SonicWall's breach to circumvent Marquis' firewall. Marquis confirmed it stored a backup of its firewall configuration in SonicWall's cloud. Marquis is evaluating options against the firewall provider, including seeking recoupment of expenses incurred by Marquis and its customers in responding to the incident. A spokesperson reiterated the link to SonicWall's disclosed cloud backup compromise.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]