General Discussion

Yo_Mama_Been_Loggin

(132,849 posts) Mon Dec 22, 2025, 02:22 PM Dec 22

Massive breach hits banks -- 400,000 exposed, victims may be owed compensation

Hackers infiltrated Marquis’ systems by exploiting an unpatched firewall flaw, ultimately gaining access to Social Security numbers, bank account details, and personal identifiers across multiple financial institutions. The breach is now being linked to the Akira ransomware gang, according to cybersecurity reports.

How the Marquis Breach Unfolded Through a Single Point of Failure

Marquis, which works with more than 700 banks and credit unions across the United States, was compromised on August 14 via a SonicWall firewall vulnerability. This particular flaw had been previously identified but remained unpatched in some systems, creating an easy entry point for threat actors. According to legally mandated disclosures in Texas, Maine, Iowa, Massachusetts and New Hampshire, hackers accessed highly sensitive data: names, birth dates, addresses, Social Security numbers, and banking credentials.

The Texas Attorney General’s Office confirmed that over 354,000 individuals in the state were affected. That number is expected to grow as other institutions file their breach notifications. Marquis issued a public statement acknowledging the attack, saying they had “immediately enacted response protocols” and took systems offline upon detection. While the company confirmed the incident was ransomware-related, it did not name the attackers, though security researchers strongly associate the event with the Akira group, known for targeting SonicWall users.

A spokesperson for Marquis stated there was “no evidence of identity theft or fraud,” yet cybersecurity experts stress that the danger extends far beyond initial misuse. Ricardo Amper, CEO of Incode Technologies, told Fox News: “Core identity data is static. You cannot meaningfully change your date of birth or SSN, and once those are exposed, they can circulate on criminal markets for years.”

https://www.msn.com/en-us/money/technology/massive-breach-hits-banks-400-000-exposed-victims-may-be-owed-compensation/ar-AA1SLZYU

6 replies

= new reply since forum marked as read

Highlight:

Massive breach hits banks -- 400,000 exposed, victims may be owed compensation (Original Post) Yo_Mama_Been_Loggin Dec 22 OP

Kick dalton99a Dec 22 #1

Oh whow. riversedge Dec 22 #2

354k isn't even a major breach anymore sboatcar Dec 22 #3

Welp, that's one advantage to living paycheck-to-paycheck jmbar2 Dec 22 #4

Change your passwords, now. dickthegrouch Dec 22 #5

Of course it was TX live love laugh Dec 23 #6

dalton99a

(92,125 posts)

1. Kick

Reply to Yo_Mama_Been_Loggin (Original post)

Mon Dec 22, 2025, 02:23 PM

Dec 22

riversedge

(79,428 posts)

2. Oh whow.

Reply to Yo_Mama_Been_Loggin (Original post)

Mon Dec 22, 2025, 02:25 PM

Dec 22

sboatcar

(695 posts)

3. 354k isn't even a major breach anymore

Reply to Yo_Mama_Been_Loggin (Original post)

Mon Dec 22, 2025, 02:37 PM

Dec 22

At my company, we average 3 ransomware/data breach cases coming in every day. We're not even a major player, and its every kind of business you can think of. There's also a ton of data theft, but the evidence of data exfiltration isn't there, no one ever finds out about it. I'd say 99% of all the cybercrime cases never get reported to the media. Most get reported to the FBI, but they don't publish the reports.