Fintech giant Marquis has filed a lawsuit against firewall provider SonicWall. The initial breach claimed hackers stole sensitive information on customer firewalls and launched a ransomware attack on the Marquis network.
The lawsuit, filed Monday in the U.S. District Court for the Eastern District of Texas, calls for a jury trial. It claims that the 2025 SonicWall breach “exposed sensitive security information about Marquis and all customers who used SonicWall’s firewall cloud backup service.”
Marquis Chief Executive Officer Satin Mirchandani said in a statement to TechCrunch that SonicWall suffered “significant reputational, operational and financial harm” due to its failure to secure backup services.
News of the lawsuit comes weeks after TechCrunch reported that Marquis plans to seek compensation from SonicWall. SonicWall, a fintech giant based in Plano, Texas, told customers that the company blamed SonicWall for allowing hackers to steal sensitive information about customer firewall configuration files, including its own firewall configuration files.
“SonicWall allowed threat actors to obtain keys that allowed them to bypass defenses and enter directly into Marquis’ internal network – exactly what SonicWall’s firewall was supposed to prevent,” the complaint reads.
The firewall is intended to prevent unauthorized access to the company’s network, but Marquis alleges that the hackers who scrambled the network with ransomware used stolen information about how SonicWall customers configured their firewalls, including emergency passwords (also known as scratch codes) that allowed access to Marquis’ internal networks.
Marquis, which allows hundreds of banks and credit unions to visualize their customers’ data, said hackers took “personally identifiable information about customers of some Marquis financial institutions customers” through a cyberattack.
The stolen data included financial information, including customer names, dates of birth, mailing addresses, bank account, debit and credit card numbers, as well as customers’ Social Security numbers.
A SonicWall spokeswoman had no immediate comment on the lawsuit.
SonicWall first acknowledged the system breach in mid-September. It said less than 5% of customer firewall configuration backup files were leaked from storage servers hosted in the Amazon cloud and maintained by SonicWall. Last October, the firewall manufacturer acknowledged that virtually all of its customers had had their firewall backup files stolen in the breach.
In December 2025, Marquis began notifying victims that their network had been breached in August of that year. SonicWall did not say when hackers first gained access to its systems.
It is not yet clear what caused the breach at SonicWall. Marquis alleged in the complaint that SonicWall changed the code of one of its APIs several months earlier, in February 2025, “creating a vulnerability that could be exploited by threat actors.” Marquis said the bug allowed hackers to guess predictable firewall serial numbers and access customer firewall configuration backup files “without proper authentication.”
“While we were able to quickly secure our network and client data, our investigation revealed that our exposure to threat actors was due to SonicWall’s failure to notify us that its network breaches and firewall protections were potentially compromised,” Mirchandani, CEO of Marquis, said in a statement shared with TechCrunch.
Mirchandani told TechCrunch that SonicWall has not yet provided any non-public information about the root cause of the breach.
“I hope to learn more through the litigation process,” Mirchandani said.
Marquis has not yet revealed how many individuals are affected by the data breach. At least 400,000 people across the U.S. are believed to have been affected by the fintech giant’s breach, according to a list from the Texas Attorney General.
The number of affected individuals is expected to increase as more data breach notifications are filed with various U.S. Attorneys General.
