24.11.2025
2 min
452
A cyberattack on SitusAMC, a major mortgage-processing vendor for U.S. financial institutions, may have exposed customer data belonging to JPMorgan, Morgan Stanley, Citi, and other major Wall Street banks. The full scope is still under investigation.
SitusAMC disclosed that malicious actors may have accessed corporate documentation and customer information stored on its systems. The company handles mortgage and loan processing for hundreds of U.S. banks, including most of the top 20 institutions, making the breach potentially far-reaching.
Exposed data may include customer PII, financial account information, legal documents, and lender-related records. While SitusAMC has not confirmed the nature of the attack, the firm stated that no encrypting malware was involved, suggesting it wasn’t a ransomware incident.
The FBI has launched its own investigation, noting that there is “no operational impact” on banking services. However, cybersecurity experts warn that the exposed information could fuel identity theft, financial fraud, and large-scale social engineering attacks.
SitusAMC is a major real-estate finance and technology provider with over $1.1 billion in revenue and more than 4,000 employees across 25 locations. Attacks on third-party vendors have become increasingly common, as a single breach can impact hundreds of organizations at once.
This follows similar incidents involving the Marquis marketing provider and large-scale attacks by the Russian-linked Cl0p group that affected major universities, enterprises, and Oracle EBS users.
The SitusAMC breach highlights the growing threat of supply-chain attacks targeting financial service providers, where compromising one vendor can expose millions of customer records. While the scope is still being determined, organizations should brace for potential phishing and fraud attempts stemming from the leaked data.
