SitusAMC Data Breach May Impact US Banks

24th November 2025 – A recent data breach on mortgage and loan technology provider SitusAMC may have exposed sensitive customer data linked to major U.S. banks, including JPMorgan Chase, Citi, and Morgan Stanley. The breach has raised serious concerns across the financial sector.

Details of the Cyberattack

SitusAMC reported that the incident occurred on November 12, when attackers accessed information from its internal systems. The compromised data includes customer records and legal documents tied to bank clients. The company did not name which financial institutions were affected but confirmed that law enforcement had been notified. This data breach has apparently left major US Banks open to vulnerability.

Banks Assess the Impact

According to sources cited by the New York Times, JPMorgan, Citi, and Morgan Stanley were among the banks alerted about potential data exposure. Although JPMorgan stated its systems were not breached, the risk lies in the data handled by SitusAMC on the bank’s behalf.

The vendor provides critical back-end services like loan origination, compliance, and payment processing. It supports hundreds of banks and lenders across the United States.

Types of Data at Risk

The stolen data likely includes:

• Social Security numbers from loan applications
• Confidential customer information
• Documents related to banks’ portfolios and compliance efforts

Regulatory experts suggest the breach may also involve sensitive details about the banks themselves. Because SitusAMC handles regulatory compliance, attackers may have accessed internal operational data that extends beyond just client records.

FBI and Law Enforcement Response

The FBI confirmed it is working closely with affected institutions. FBI Director Kash Patel said investigators have found no disruption to core banking services. Authorities continue to assess how deeply the breach affects the broader financial system.

Largest Bank Data Breaches Ever

Why This Data Breach On US Banks Matters

SitusAMC, based in New York, employs around 5,000 people and plays a behind-the-scenes role in the U.S. real estate finance market. Most top-20 banks rely on it for commercial and residential loan infrastructure.

The breach highlights the risks tied to third-party vendors in finance. Experts warn that even when a bank’s internal systems remain secure, vendors like SitusAMC can serve as entry points for attackers. As banks tighten cybersecurity, attention is now shifting to partners who manage their customer and compliance data.