Ransomware cases highlight ongoing security pressure in financial services

### Executive summary This report reviews three recent lawsuits tied to data breaches impacting financial services — two linked to a vendor (Marquis Software Solutions) and one from a direct compromise of Byzfunder — which exposed identity-grade data (including Social Security numbers and account details), involved a reported ransom payment, and prompted scrutiny over notification timing, vendor oversight, encryption, and monitoring; it highlights vendor concentration risk, regulatory benchmarks used in litigation, and recommends controls (allowlisting, least-privilege, encryption, EDR, segmentation, patching, and incident-response planning).