Marquez has filed a lawsuit against firewall provider SonicWall, claiming that a security failure in its firewall backup led to the ransomware attack.

Fintech giant Marquis has filed a lawsuit against its firewall provider SonicWall, claiming that the previous breach allowed hackers to steal sensitive information about customers’ firewalls leading to a ransomware attack on the Marquis network.

The lawsuit filed Monday in the U.S. District Court for the Eastern District of Texas seeks a jury trial. It claims that the 2025 breach at SonicWall “exposed critical security information to Marquis and every customer who used SonicWall’s firewall cloud backup service.”

Marquis CEO Satin Mirchandani told TechCrunch in a statement that SonicWall failed to secure its backup service, causing the company to suffer “significant reputational, operational and financial damage.”

News of the lawsuit comes weeks after TechCrunch reported that Marquez was planning to seek compensation from SonicWall. The Plano, Texas-based fintech giant told its customers that it blamed SonicWall for allowing hackers to steal sensitive information about customers’ firewall configuration files, including its own.

“SonicWall allowed the threat actor to obtain the keys to bypass this line of defense and enter directly into Marquis’ internal network, the very thing SonicWall’s firewall was supposed to prevent,” the complaint states.

Firewalls are intended to prevent unauthorized access to a company’s network, but Marquis claims that the hackers who jammed its network with ransomware used information stolen from SonicWall about how its customers configured their firewalls, including emergency passcodes (known as zero codes) that allowed access to Marquis’ internal network.

Marquis, which allows hundreds of banks and credit unions to visualize their customer data, said hackers took “personally identifiable information related to customers of some of Marquis’ financial institution clients” in its cyberattack.

The stolen data includes customers’ names, dates of birth, mailing addresses, and financial information, including bank account, debit and credit card numbers, as well as customers’ Social Security numbers.

A SonicWall spokesperson did not immediately comment on the lawsuit.

SonicWall first acknowledged the breach in its systems in mid-September, saying that less than 5% of its customers’ firewall configuration backup files had been pulled from its storage servers, which were hosted in Amazon’s cloud and maintained by SonicWall. The firewall manufacturer admitted in October that in fact every customer’s firewall backup files were stolen during the hack.

In December 2025, Marquis began notifying affected people that its networks had been compromised in August of that year. SonicWall did not say when hackers first gained access to its systems.

It is not yet clear what caused the SonicWall hack. In its complaint, Marquis alleges that SonicWall changed the code for one of its APIs months earlier, in February 2025, which “created a vulnerability that could be exploited by threat actors.” The bug allowed hackers to access a customer’s firewall configuration backup files “without proper authentication” by guessing predictable firewall serial numbers, Marquez said.

“While we were able to quickly secure our network and customer data, our investigation revealed that our exposure to threat actors was due to the SonicWall network being compromised and a failure to notify us that our firewall protections may have been compromised,” Mirchandani, CEO of Marquis, said in a statement shared with TechCrunch.

Mirchandani told TechCrunch that SonicWall has not yet provided any non-public information about the root cause of its breach.

“We hope to learn more through the litigation process,” Mirchandani said.

Marquis still has not said how many individuals were affected by its data breach. According to the Texas Attorney General’s list, at least 400,000 people across the US are known to have been affected by the fintech giant’s hack.

The number of individuals affected is expected to rise as more data breach notifications are filed with multiple U.S. Attorneys General.