26-02-02, 3:58 p.m.

Marquis Software Solutions attributes a ransomware attack affecting U.S. banks to stolen firewall backup data from SonicWall’s cloud service. The incident highlights how breaches of trusted providers can cascade into major enterprise impacts.

Recent events in the financial services sector highlight a growing threat that businesses cannot ignore. Marquis Software Solutions, a provider of data analytics, compliance reporting, CRM tools, and digital marketing services to hundreds of U.S. banks and credit unions, was hit by a ransomware attack in August 2025.

Initially, it was believed that the attack exploited an unpatched firewall. However, investigations revealed a more concerning reality: the attackers leveraged firewall configuration backup data stolen from SonicWall’s cloud service. This breach demonstrates how even trusted providers and third-party services can become entry points for sophisticated cyberattacks.

How the attack unfolded

The attackers bypassed Marquis’ defenses by using configuration data extracted from SonicWall’s cloud backups, allowing them to circumvent firewalls without directly exploiting the software itself. This highlights a critical trend in modern cybercrime: attackers are increasingly targeting supply chains and trusted services rather than focusing solely on individual systems.

The incident affected dozens of banks and credit unions, demonstrating the ripple effect that a single breach of a provider can have on multiple organizations. It serves as a stark reminder that cybersecurity is not just about protecting your own systems, but also about understanding and managing risks from the tools and services your organization relies on.

What this means for your business

Any organization using cloud services, third-party platforms, or enterprise tools is potentially exposed to similar risks. Even highly secure systems can become vulnerable if attackers exploit trusted services, stolen credentials, or misconfigured backups.

This evolving threat landscape underscores a critical reality:

Cybersecurity is no longer just an IT issue, it’s a business imperative.

How Upside Business Technologies can help

At Upside Business Technologies, we help businesses protect themselves against modern, complex attacks by focusing on:

• Supply chain and third-party risk assessments

• Proactive monitoring of systems and access credentials

• Incident response planning and threat detection

• Strengthening internal policies to minimize human error and misconfigurations

A breach like the Marquis attack could happen to any organization. The difference lies in preparedness, visibility, and response. Protect your systems, your clients, and your business reputation before attackers find an entry point. Contact Upside Business Technologies today to assess your cybersecurity posture and reduce your risk exposure.