Vendor breach hits 74 lenders

Marquis Software Solutions — a Texas-based provider of CRM, data analytics, compliance reporting and digital marketing to more than 700 banks, credit unions and mortgage lenders — has acknowledged a ransomware intrusion on its network. (bleepingcomputer.com) The company says it detected the incident on August 14, 2025 and that attackers gained initial access via its SonicWall firewall, according to regulatory filings and vendor notices. (maine.gov) Marquis’s review and state breach notices say the intruders copied files containing names, postal addresses, dates of birth, Social Security numbers, Taxpayer Identification Numbers and financial account information. (classaction.org) Public reporting and regulatory disclosures disagree on the total tally of exposed records: several outlets and filings cite impacts in the "hundreds of thousands" range, while law‑firm and PR filings have enumerated totals approaching roughly 788,000 affected records. (securityweek.com) State filings show concentrated, institution‑level impacts — Maine’s Attorney General filing lists 42,784 Maine residents affected (38,334 tied to Maine State Credit Union) and separate notices reference Norway Savings Bank customers among those impacted. (maine.gov) Forensics and industry reporting link the intrusion to exploitation of a known SonicWall vulnerability (CVE‑2024‑40766) and note ties to the Akira ransomware group in similar campaigns; some outlets also report an alleged ransom payment to prevent a public leak. (brinztech.com)