Ransomware Attack on Marquis Software Solutions Disrupts U.S. Financial Institutions
In August 2025, Texas-based Marquis Software Solutions confirmed a ransomware attack that rippled through multiple U.S. banks and credit unions, exposing vulnerabilities in the financial sector’s cybersecurity defenses. The breach, later linked to a security flaw in SonicWall’s systems reported in September 2025, underscored the risks posed by third-party vendor dependencies in critical infrastructure.
The attack compromised an unspecified number of financial institutions, jeopardizing sensitive customer and banking data. The incident highlighted the cascading impact of cyber threats, where a single breach in a software provider can disrupt operations across interconnected networks. Financial institutions, reliant on secure data management from vendors like Marquis, faced operational disruptions and potential reputational damage as a result.
Marquis Software Solutions traced the attack to vulnerabilities in SonicWall’s security controls, revealing how shared platforms can amplify risks for collaborative users. The breach prompted affected organizations to reassess their cybersecurity frameworks, with many implementing enhanced monitoring, threat assessments, and patch management to contain the fallout.
The incident serves as a case study in the evolving threat landscape, where ransomware attacks increasingly target supply chains to maximize disruption. As financial institutions evaluate preventive measures including zero-trust security models and regular audits the attack reinforces the need for proactive defenses against persistent cyber risks.
SonicWall TPRM report: https://www.rankiteo.com/company/SonicWall
Marquis Software Solutions TPRM report: https://www.rankiteo.com/company/marquis-software-solutions
"id": "Sonmar1771316952",
"linkid": "SonicWall, marquis-software-solutions",
"type": "Vulnerability",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Multiple U.S. banks and credit '
'unions',
'industry': 'Financial Services (Third-Party Vendor)',
'location': 'Texas, USA',
'name': 'Marquis Software Solutions',
'type': 'Software Provider'}],
'attack_vector': 'Third-party vendor vulnerability (SonicWall security flaw)',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive customer and banking '
'data'},
'date_detected': '2025-08',
'date_publicly_disclosed': '2025-08',
'description': 'In August 2025, Texas-based Marquis Software Solutions '
'confirmed a ransomware attack that rippled through multiple '
'U.S. banks and credit unions, exposing vulnerabilities in the '
'financial sector’s cybersecurity defenses. The breach, later '
'linked to a security flaw in SonicWall’s systems reported in '
'September 2025, underscored the risks posed by third-party '
'vendor dependencies in critical infrastructure. The attack '
'compromised an unspecified number of financial institutions, '
'jeopardizing sensitive customer and banking data. The '
'incident highlighted the cascading impact of cyber threats, '
'where a single breach in a software provider can disrupt '
'operations across interconnected networks.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': 'Sensitive customer and banking data',
'operational_impact': 'Operational disruptions across '
'interconnected networks',
'systems_affected': "Financial institutions' data management "
'systems'},
'lessons_learned': 'The incident serves as a case study in the evolving '
'threat landscape, where ransomware attacks increasingly '
'target supply chains to maximize disruption. It '
'underscores the need for proactive defenses, including '
'zero-trust security models and regular audits, to '
'mitigate persistent cyber risks.',
'post_incident_analysis': {'corrective_actions': 'Reassessment of '
'cybersecurity frameworks, '
'implementation of enhanced '
'monitoring, threat '
'assessments, and patch '
'management',
'root_causes': 'Vulnerabilities in SonicWall’s '
'security controls and third-party '
'vendor dependencies'},
'recommendations': 'Financial institutions should implement enhanced '
'monitoring, threat assessments, patch management, '
'zero-trust security models, and regular audits to prevent '
'similar incidents.',
'references': [{'source': 'Incident report'}],
'response': {'containment_measures': 'Enhanced monitoring, threat '
'assessments, and patch management',
'enhanced_monitoring': 'Implemented',
'remediation_measures': 'Reassessment of cybersecurity '
'frameworks'},
'title': 'Ransomware Attack on Marquis Software Solutions Disrupts U.S. '
'Financial Institutions',
'type': 'Ransomware',
'vulnerability_exploited': 'Security flaw in SonicWall’s systems'}