SitusAMC Cyberattack Exposes Major Bank Client Data, Possibly from JPMorgan Chase, Citi, and Morgan Stanley
Published
Key Takeaways
- Vendor breach: Technology vendor SitusAMC, which serves the real estate lending industry, was hit by a cyberattack on November 12.
- Potential impact: JPMorgan Chase, Citi, and Morgan Stanley client data may have been exposed through their connections to the compromised vendor.
- No encrypting malware: The incident did not involve encrypting malware, and the breach was reportedly contained and services are fully operational.
A cyberattack targeting SitusAMC, a key technology vendor for the real estate finance industry, has potentially exposed client data belonging to several major banks. The New York-based company confirmed it was the subject of an attack on November 12, which compromised certain information on its systems.
Nature of the Bank Client Data Breach
While SitusAMC did not name the affected clients, the New York Times on Saturday reported that customer data from financial giants like JPMorgan Chase, Citi, and Morgan Stanley may have been impacted.
According to SitusAMC, the compromised information includes corporate data related to some clients' dealings with the company, such as accounting documents and legal contracts.
The firm acknowledged that "data relating to some of our clients' customers may also have been impacted," and said it has notified law enforcement and is actively analyzing the scope of the breach.
FBI Cyber Investigation and Response
The Federal Bureau of Investigation (FBI) is aware of the incident. In a statement cited by Reuters, FBI Director Kash Patel noted that while the agency is working with affected organizations, it has "identified no operational impact to banking services."
SitusAMC has also confirmed that the data breach was contained without the involvement of encrypting malware, and its services are fully operational. The incident serves as a critical reminder of the pervasive threat of supply chain attacks and the importance of comprehensive security assessments for all third-party vendors.
A few days back, Senator Ron Wyden, an Oregon Democrat, announced pressing for an investigation into JPMorgan Chase and Epstein in relation to the reporting of more than $1 billion in suspicious transactions.
Also, Salesforce data was stolen via third-party Gainsight, which ShinyHunters claimed and announced “almost 1,000” victims.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular