Fintech firm Marquis has filed a lawsuit against cybersecurity provider SonicWall, alleging that vulnerabilities in SonicWall’s firewall backup service directly led to a damaging ransomware attack on Marquis’ network. The lawsuit, filed in U.S. District Court for the Eastern District of Texas, seeks a jury trial and claims that SonicWall failed to adequately secure its backup service, resulting in significant financial, operational, and reputational harm to Marquis.
The Breach and Its Consequences
According to the complaint, a breach at SonicWall in 2025 exposed critical security information for all customers using its firewall cloud backup service. This included sensitive data about how customers configured their firewalls, including emergency access codes (“scratch codes”) which hackers then exploited to bypass Marquis’ defenses. The attackers subsequently infiltrated Marquis’ internal network and stole personally identifiable information (PII) from customers of financial institutions using Marquis’ services.
The stolen data included names, dates of birth, addresses, financial account details, and Social Security numbers. Marquis began notifying affected parties in December 2025, but the full extent of the breach – and the number of individuals impacted – remains unclear, with current estimates suggesting at least 400,000 people are affected across the U.S.
SonicWall’s Response and the Alleged Vulnerability
SonicWall initially acknowledged a breach in mid-September, downplaying it as affecting fewer than 5% of customers. However, the company later admitted that every customer’s firewall backup files had been stolen. Marquis alleges that SonicWall’s negligence is the direct cause of the incident.
The lawsuit claims that a code change made to one of SonicWall’s APIs in February 2025 created a vulnerability that allowed hackers to access firewall configuration files without proper authentication by exploiting predictable firewall serial numbers. Marquis asserts that SonicWall failed to notify customers about this compromised protection, leaving their networks vulnerable.
What This Means
This lawsuit highlights the growing risks associated with third-party cybersecurity providers. If true, SonicWall’s failure to secure its backup service demonstrates how a single point of failure in the supply chain can expose an entire network. The case raises critical questions about vendor accountability in the face of escalating cyberattacks.
Current Status
SonicWall has yet to publicly comment on the lawsuit. Marquis’ CEO, Satin Mirchandani, stated that the company hopes to gain more insight into the root cause of the breach through the litigation process. The lawsuit is expected to proceed to trial, where Marquis will seek compensation for the damages suffered as a result of SonicWall’s alleged security failings.
