A major data breach tied to U.S. fintech firm Marquis is rippling through banks, credit unions and their customers. Hackers broke into Marquis systems by exploiting a known but unpatched vulnerability in a SonicWall firewall, gaining access to deeply sensitive consumer data.
At least 400,000 people are confirmed to be affected so far across multiple states. Texas has been hit the hardest with more than 354,000 residents affected. That number is expected to rise as additional breach notifications are filed. Marquis operates as a marketing and compliance provider for financial institutions. The company says it serves more than 700 banks and credit unions nationwide. That role gives Marquis access to centralized pools of customer data, which also makes it a high-value target.
Read more…
Source: Fox News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA: DoS and DDoS Attacks against Multiple Sectors
June 30, 2023
CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations in multiple sectors. These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible. If you think you or your business is experiencing a DoS or DDoS attack, it ...
- 2023 CWE Top 25 Most Dangerous Software Weaknesses
June 29, 2023
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. The CWE Top 25 is calculated by analyzing public vulnerability data in the National Vulnerability Data (NVD) for root cause mappings to ...
- Military AI’s Next Frontier: Your Work Computer
June 22, 2023
It’s probably hard to imagine that you are the target of spycraft, but spying on employees is the next frontier of military AI. Surveillance techniques familiar to authoritarian dictatorships have now been repurposed to target American workers. Over the past decade, a few dozen companies have emerged to sell your employer subscriptions for services like “open ...
- Decade Old DDoS-for-Hire Service Taken Down, Administrators Arrested
June 19, 2023
Polish authorities took down a DDoS-for-hire service that’s been around for a decade following an investigation with support of the FBI, Europol and law enforcement agencies from Germany, Belgium and the Netherlands. DDoS attacks are always a nuisance, but they can inflict serious damage to companies and organizations. The simple fact that a webpage or a ...
- Military leaders warn U.S. must prepare for cyber, infrastructure threat
June 16, 2023
The United States must immediately get ready for domestic, cyber-enabled attacks on critical domestic infrastructure and guard against foreign-initiated information operations targeted at the American people, according to speakers and panelists at an Association of the U.S. Army symposium on Wednesday in Arlington, Virginia. Mark Bristow, director of the Cyber Infrastructure Protection Innovation Center (CIPIC) at ...
- Cyber attack results in data breach of all Louisiana driver licenses, IDs
June 16, 2023
Those with a Louisiana ID, registration or driver’s license could have their personal data exposed as a major cyber attack targeted the Louisiana Office of Motor Vehicles as well as other Government entities. According to the Governor’s Office of Homeland Security and Emergency Preparedness, the OMV was breached. The state says MOVEit – which is a ...