InfoSecBulletin Cybersecurity for mankind
Two new banks reported a data breach that revealed customer information due to a hack of their third-party vendor, Marquis Software Solutions. VeraBank in Texas reported that a data breach affected 37,318 clients, revealing their names and some personal information.
The bank didn’t detail which personal information was stolen, but its breach notification indicates that what was taken differed among clients.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The Marquis hack impacted 32,344 customers of Artisans’ Bank in Delaware, exposing their names and Social Security numbers.
Both banks said Marquis informed them that it conducted its own investigation and informed law enforcement of the breach that it said happened on August 14th.
The Artisans’ Bank said it only learned of the breach in late October and “only recently” that its own customer information may have been compromised. VeraBank said that its own systems were not affected and the attack was limited to Marquis’s environment.
In November, Maine’s Norway Savings Bank (NSB) informed clients that their personal details were exposed following a ransomware attack on Marquis, its software provider. The breach affected 51,000 NSB clients.
NSB said the breach exposed its clients’ names, addresses, dates of birth, Social Security numbers, Tax ID numbers, and financial account information.
Cybernews reported at the time that it appeared Marquis paid the attackers a ransom. While not illegal, it carries a number of risks: there is no guarantee that the attackers wouldn’t share the stolen data on the dark web anyway and it also puts the victim in danger of follow-up attacks.
Texas-based Marquis is a digital marketing, compliance solution, and customer relationship manager (CRM) software provider counting over 700 banks in the US as its clients.
Over 74 US banks, credit unions impacted via Marquis data breach
