PLANO, Texas— Marquis Software Solutions is now saying an August 2025 ransomware attack exposed the personal information of more than 672,000 individuals, significantly revising earlier estimates of the scope of the breach.
The company disclosed in updated filings and notifications that at least 672,000 people were affected, after previously reporting lower and varying figures as its investigation progressed, according to SecurityWeek.
Marquis, a Plano, Texas-based provider of marketing, compliance and data services to banks and credit unions, said hackers gained unauthorized access to its network in mid-August 2025. The company has said it began notifying impacted individuals after identifying those whose information may have been compromised, according to Yahoo Finance.
As the CU Daily reported earlier, compromised data varies by individual but may include names, addresses, Social Security numbers, taxpayer identification numbers, dates of birth and financial account information.
More Than 70 CUs Affected
Marquis has said the breach was limited to its own systems and did not directly impact the systems of its financial institution clients, also according to TechRadar. The company serves hundreds of banks and credit unions, with the breach affecting the members of more than 70 CUs.
As the CU Daily also reported earlier, the incident has also triggered litigation and scrutiny over third-party vendor risk. Marquis filed a lawsuit in February 2026 against SonicWall, alleging vulnerabilities in the cybersecurity firm’s systems contributed to the attack. SonicWall has disputed any direct link between its systems and the breach.
