Reportedly, several major U.S. banks and mortgage providers are urgently trying to determine the extent of their clients’ data compromised during a cyberattack earlier in the month targeting a New York-based financial technology firm.
SitusAMC, a technology vendor to more than a thousand commercial and real estate finance entities, verified in a statement during the past weekend that they detected a data security incident on November 12.
The company indicated that unknown cybercriminals had extracted company data linked to its banking clients’ affiliations with SitusAMC, in conjunction with “accounting documents and legal contracts” throughout the cyberattack.
The statement continued that the scope and attributes of the cyberattack “are still being examined.” SitusAMC stated that the matter is “now contained,” and that its systems are functioning. The business mentioned that no data-encrypting malware was employed, implying the cybercriminals were mainly oriented on extracting data from the company’s infrastructures instead of inflicting damage.
Per reports from Bloomberg and CNN, citing sources, SitusAMC issued data breach notifications to several large financial institutions, including JPMorgan Chase, Citigroup, and Morgan Stanley. SitusAMC’s client base also includes pension funds and state entities, as shown on its website.
It remains unknown how much data was compromised, or the number of U.S. banking customers that may be affected because of the breach. While companies like SitusAMC may not be widely recognized outside financial circles, they enable the infrastructure and technologies for their banking and real estate clientele to adhere to state and federal regulations. Functioning as an intermediary for financial customers, the company manages considerable volumes of confidential banking details on behalf of its clientele.
According to SitusAMC’s website, the business handles billions of loan-related documents on an annual basis.
When approached by TechCrunch, Citi representative Patricia Tuma chose not to offer comments concerning the breach. Tuma did not disclose whether the bank has obtained any communications from the cybercriminals, such as a request for payment.
Representatives from JPMorgan Chase, and Morgan Stanley did not promptly acknowledge a request for comments on Monday. SitusAMC chief executive Michael Franco also did not respond to our email when contacted for comment on Monday.
The FBI is currently investigating the security breach at SitusAMC. A spokesperson for the FBI did not respond to a request for comment outside of regular U.S. business hours.
