What happened
Artisans’ Bank and VeraBank notify customers after Marquis ransomware attack as additional U.S. financial institutions confirmed data exposure linked to an August 2025 ransomware incident at Marquis Software, a core banking technology vendor. The attack compromised systems used by multiple banks, prompting delayed breach notifications to affected customers. Exposed data reportedly includes names, Social Security numbers, and account information, depending on the institution.
Who is affected
Bank customers receiving breach notifications are directly impacted, while financial institutions face regulatory scrutiny and incident response costs. Marquis Software remains central to the investigation.
Why CISOs should care
The incident underscores persistent third-party risk in financial services. Vendor breaches continue to trigger downstream data exposure well after the initial intrusion.
3 practical actions
-
Reassess vendor risk: Review security controls of critical service providers.
-
Test notification workflows: Ensure breach response timelines meet regulatory expectations.
-
Limit shared data: Reduce unnecessary data exposure to third parties.