Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

Security Leaders Discuss the Marquis Data Breach

By Jordyn Alger, Managing Editor
Code
Pankaj Patel via Unsplash
December 9, 2025

Marquis Software Solutions experienced a data breach affecting approximately 780,000 individuals, according to filings with the Office of the Maine Attorney General, the Office of Attorney General of Iowa, and more. According to the filing in Maine, suspicious activity was detected on the organization’s systems on Aug. 14. This activity was determined to be a ransomware attack. 

Upon the launch of an investigation, it was discovered that the malicious actor accessed its network via its SonicWall firewall and may have acquired certain files. Personal data at risk may include:

  • Names
  • Dates of birth
  • Addresses 
  • Phone numbers
  • Taxpayer Identification Numbers
  • Financial account data 
  • Social Security numbers

At this time, there is no evidence that the data has been misused. 

Security Leaders Weigh In

David Stuart, Cybersecurity Evangelist at Sentra: 

Although the initial access in this incident came from a firewall vulnerability, the real damage occurred once attackers reached sensitive data. Breaches like this show how important it is to prevent credentials and encryption keys from being stored in unprotected locations or in unmasked forms. When secrets are exposed, attackers can move quickly and gain access to high-value information.

Organizations also need continuous visibility into where sensitive data lives and how it is being accessed. Detecting credit card numbers, Social Security numbers and other regulated data across all environments and validating that it is properly protected can significantly reduce occurrence of compliance violations and the impact of a compromise. Continuous monitoring for unusual data activity, such as unexpected access by third parties or unfamiliar IPs, is another key safeguard.

Strong password practices and timely patching will always matter, but reducing the blast radius requires a data-centric approach that limits what attackers can reach even if they do get in.

Sachin Jade, CPO at Cyware: 

Personal data focused exploitation attacks are ever increasing. Threat actors are employing both old and new techniques to breach, steal and misuse personal data.

In an increasingly connected world, financial firms are targeted by multiple threat vectors looking for gaps in their defenses, exacerbated with threat actors leveraging AI as well. Fraud and personal credential and data need to be an integral part of the overall risk and exposure management strategy.

Operationalizing threat intelligence data is paramount. Enterprises, including financial firms, can evaluate and incorporate a capability maturity model (CCM) that can enable them to leverage different threat intelligence data, correlate with identity and personalized data, evaluate value at risk, leverage trusted AI models and develop scenarios to help determine potential mitigation.

Clyde Williamson, Senior Product Security Architect at Protegrity: 

When we sign a contract with a vendor, partner or service provider, it is tempting to believe we have offloaded a problem. This is a critical flaw in business thinking today. We haven’t offloaded the problem, we’ve distributed the risk.

The Marquis breach could be framed as a simple technical failure. Their SonicWall firewall got hit; that’s the cost of business. Casting this as a “firewall issue,” though, misses the point entirely. I’m asked to comment on these sorts of events weekly. This is an ontological failure across our industry.

Hundreds of banks told their customers, “Trust us,” and then extended that trust to Marquis without their customers’ consent. Unlike formal logic, trust in cybersecurity cannot be simply passed along a chain of command. Banks believe they’re outsourcing work but actually retain liability while losing control. The lesson: failure to audit the entire trust chain betrays the customer, who only cares that their bank did not protect them.

The attackers lived inside the Marquis environment from August to October. Two months. We continue to build security doctrines around “walls” in an era where data isn’t in one place for long. A wall is a static, binary defense. It says “Yes” or “No” at the gate. Once the gate is breached, like with SonicWall, the wall offers no further opinion. This “dwell time” is the death knell of infrastructure-centric security. If we do not have intelligent, data-centric security in which the data itself can ask, “Why am I being moved?”, then we are simply building taller walls.

The real problem, though, is the asymmetry of the situation as a whole. The most impacted group, the customer, has little to no say in what happened to their data. The banks have the paper cover of a contract, and they can point the finger at someone else. Marquis will probably pay a little fine to a couple of states and offer some credit monitoring to the victims. Of course, some of the most common abuses of PII data (like what was stolen) aren’t solved by credit monitoring. Attackers who use the collected information to build personalized social engineering attacks will be harvesting value by abusing victims for years, long after the pittance of 24 months of credit monitoring has passed, while the banks and Marquis have enjoyed another profitable quarter. Profit is privatized, and Risk is socialized. The vendor saves money on “efficient” architectures, while the public pays the price in perpetuity.

Until we treat data as a liability to be protected, not an asset, this will continue. The core takeaway for every CISO: lasting trust cannot be bought or outsourced. It demands active stewardship, accountability and constant responsibility.

KEYWORDS: data breach ransomware security leaders

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jordynalger

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Top Cybersecurity Leaders
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • Green digital symbols on screen

    Security leaders discuss the National Public Data breach

    See More
  • Office supplies

    Security Leaders Discuss the Vercel Breach

    See More
  • AI chip

    Security Leaders Discuss the Claude Mythos Breach

    See More

Events

View AllSubmit An Event
  • July 8, 2026

    The 2026 Security Maturity Benchmark Report: Insights From Senior Security Leaders

    ON DEMAND: In this webinar, speakers will share key insights from the 2026 Security Maturity Benchmark Report, including why today’s threat environment demands greater maturity and how to evaluate your organization’s current security posture.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing