Several US banking giants and mortgage lenders are reportedly trying to assess how much of their customer data was stolen during a cyberattack on a financial technology firm in New York earlier this month.
SitusAMC, which provides technology to more than a thousand commercial and real estate financiers, confirmed in a statement over the weekend that it had detected a data breach on November 12.
The company said unspecified hackers had stolen corporate data related to its banking customers’ relationship with SitusAMC, as well as “accounting records and legal agreements” during the cyber attack.
The statement added that the scope and nature of the cyberattack “remains under investigation.” SitusAMC said the incident was “now contained” and that its systems were operational. The company said no encryption malware was used, suggesting the hackers focused on extracting data from the company’s systems rather than wreaking havoc.
According to Bloomberg and CNNCiting sources, SitusAMC has sent data breach notices to several financial giants, including JPMorgan Chase, Citigroup and Morgan Stanley. SitusAMC also counts pension funds and state governments as clients, according to its website.
It’s unclear how much data was taken or how many US banking consumers may be affected by the breach. Companies like SitusAMC may not be well known outside of the financial world, but they provide the mechanisms and technologies for its banking and real estate clients to comply with state and federal rules and regulations. In its role as an intermediary for financial clients, the company manages vast amounts of non-public banking information on behalf of its clients.
According to SitusAMC’s website, the company processes billions of loan-related documents annually.
When reached by TechCrunch, Citi spokeswoman Patricia Tuma declined to comment on the breach. Tuma would not say whether the bank has received any communication from the hackers, such as a demand for money.
Representatives for JPMorgan Chase and Morgan Stanley did not immediately respond to a request for comment on Monday. SitusAMC CEO Michael Franco also did not respond to an email when reached for comment on Monday.
An FBI spokesperson told TechCrunch that the bureau is aware of the breach.
“While we are working closely with affected agencies and our partners to understand the extent of the potential impact, we have not identified any operational impact on banking services,” FBI Director Kash Patel said in a statement shared with TechCrunch. “We remain committed to identifying those responsible and ensuring the security of our critical infrastructure.”
Know more about the SitusAMC data breach? Do you work at a bank or financial institution affected by the breach? We would love to hear from you. To contact this reporter securely, you can contact using Signal via username: zackwhittaker.1337
