US Banks Rush to Assess Data Theft After Hackers Breach Fintech Firm
▼ Summary
– U.S. banks and mortgage lenders are assessing data theft from a cyberattack on financial tech company SitusAMC, which occurred on November 12.
– Hackers stole corporate data, accounting records, and legal agreements related to SitusAMC’s banking customers during the breach.
– The attack is now contained with no encrypting malware used, and the scope remains under investigation by the company.
– Affected institutions include major banks like JPMorgan Chase, Citigroup, and Morgan Stanley, as well as pension funds and state governments.
– The FBI is aware of the breach and is working with affected organizations but has identified no operational impact to banking services.
Major U.S. banks and mortgage lenders are urgently evaluating the fallout from a significant cybersecurity incident involving a New York-based financial technology provider. The breach, which occurred earlier this month, has prompted widespread concern over the security of sensitive customer information held by financial intermediaries.
SitusAMC, a firm delivering technology solutions to more than a thousand commercial and real estate finance clients, acknowledged over the weekend that it discovered unauthorized access to its systems on November 12. In an official statement, the company confirmed that hackers obtained corporate data linked to its banking customers’ dealings with SitusAMC. The stolen information reportedly includes accounting records and legal agreements, though the full extent and details of the intrusion are still being examined.
According to the company, the security event has been contained and normal operations have resumed. Notably, no ransomware or file-encrypting malware was deployed, indicating the attackers’ primary goal was data theft rather than system disruption.
Media outlets including Bloomberg and CNN, citing informed sources, report that SitusAMC has issued data breach alerts to multiple financial heavyweights such as JPMorgan Chase, Citigroup, and Morgan Stanley. The company’s client roster also features pension funds and various state governments, as noted on its corporate website.
The precise volume of data compromised and the number of banking customers potentially affected remain unknown. Firms like SitusAMC operate largely behind the scenes but play a crucial role in the financial ecosystem by supplying the technological infrastructure that enables banks and real estate firms to meet regulatory requirements. Acting as a middleman, the organization manages enormous quantities of confidential banking data on behalf of its clients. SitusAMC’s own website states it processes billions of loan-related documents each year.
When contacted by TechCrunch, Citigroup spokesperson Patricia Tuma declined to discuss the breach and would not confirm whether the bank had received any communication from the hackers, such as a ransom demand. Representatives for JPMorgan Chase and Morgan Stanley did not provide immediate comments on Monday. SitusAMC’s chief executive, Michael Franco, also did not reply to an email seeking additional information.
The Federal Bureau of Investigation has acknowledged awareness of the breach. In a statement provided to TechCrunch, FBI Director Kash Patel noted, “We are collaborating closely with impacted organizations and our partners to gauge the potential consequences, but at this time we have observed no disruption to banking services. Our focus remains on identifying the responsible parties and protecting our critical infrastructure from harm.”
(Source: TechCrunch)
