SitusAMC Data Breach Exposes Client Information
▼ Summary
– SitusAMC discovered a data breach on November 12, 2025, which compromised certain information from its systems.
– The company provides back-office services for real-estate financing, including mortgage origination and compliance for major banks like Citi and Morgan Stanley.
– Corporate data such as accounting records and legal agreements from some clients and their customers was impacted, but no encrypting malware was used.
– Business operations remain unaffected, and the company is directly contacting clients and providing updates as the investigation continues.
– The full scope of impacted customers is unclear due to the complexity of the data, and determining all affected parties will take time.
A significant data breach at SitusAMC, a major provider of back-end services for prominent banks and lenders, has exposed sensitive client and customer information. The company, which supports critical real estate financing operations including mortgage origination and compliance, detected the security incident in mid-November and has since confirmed unauthorized access to its systems. While business functions continue without disruption and no ransomware was deployed, the breach compromised corporate records, legal agreements, and potentially customer-related data handled on behalf of SitusAMC’s institutional clients.
SitusAMC serves approximately 1,500 clients and generates roughly $1 billion in annual revenue, counting financial heavyweights like Citi, Morgan Stanley, and JPMorgan Chase among its partners. The firm specializes in managing back-office workflows for commercial and residential real estate financing, placing it at the center of a vast network of financial data. Following the detection of the breach, the company initiated an investigation with external cybersecurity experts and began directly notifying affected residential customers and business clients.
In an official statement, the company confirmed, “On November 12, 2025, SitusAMC became aware of an incident that we have now determined resulted in certain information from our systems being compromised.” They further clarified that both corporate data tied to client relationships, such as accounting and legal documents, and certain information belonging to clients’ customers may have been accessed. SitusAMC has pledged to continue analyzing the scope of the incident and provide ongoing updates directly to its clients.
CEO Michael Franco assured that the firm remains fully operational and is maintaining direct communication with its client base. “We are in direct contact with our clients about this matter,” he stated. “We remain focused on analyzing any potentially affected data and will provide updates directly to our clients as our investigation progresses.” The timeline of the company’s response shows that the security alert was first raised on November 12, with a breach confirmed by November 15. Notifications to residential customers began on November 16, and by November 22, all clients were informed that data had been exfiltrated.
Due to the complexity and volume of data managed by SitusAMC, the total number of affected individuals remains unclear. A complete assessment is expected to take additional time. Inquiries sent to Citi, Morgan Stanley, and JPMorgan Chase regarding whether they were notified of the breach and if their customer data was impacted have not yet received public responses. SitusAMC continues to work with cybersecurity specialists to secure its systems and identify every party impacted by the intrusion.
(Source: Bleeping Computer)
