Several major U.S. banks and mortgage lenders are working to determine how much customer information was stolen after hackers breached a New York financial technology firm earlier this month.
Fintech Firm Confirms November 12 Breach
SitusAMC, which provides technology services for more than a thousand commercial and real-estate financiers, confirmed over the weekend that it discovered a cyberattack on November 12.
The company said hackers stole corporate data tied to its banking customers’ relationship with SitusAMC, along with “accounting records and legal agreements.”
SitusAMC said the investigation is ongoing, adding that the incident is now contained and systems are functioning normally. The firm noted that no encrypting malware was used, indicating the attackers focused on data theft rather than system disruption.
Major Banks Notified
Bloomberg and CNN, citing sources, report that SitusAMC sent data breach notifications to JPMorgan Chase, Citigroup, and Morgan Stanley. The company’s client list also includes pension funds and state governments.
It remains unclear how much data was stolen or how many banking consumers may be affected. Although not widely known to the public, SitusAMC handles the behind-the-scenes technology that banks and lenders rely on to meet regulatory requirements, giving it access to large volumes of sensitive, non-public financial data.
According to the company, it processes billions of loan documents annually.
Banks Stay Quiet As Investigation Continues
Citi spokesperson Patricia Tuma declined to comment and would not say whether the bank has received communication or ransom demands from the hackers. JPMorgan Chase, Morgan Stanley, and SitusAMC CEO Michael Franco did not respond to requests for comment.
FBI Monitoring Impact
The FBI confirmed it is aware of the breach.
“While we are working closely with affected organizations and our partners to understand the extent of potential impact, we have identified no operational impact to banking services,” FBI director Kash Patel said in a statement. “We remain committed to identifying those responsible and safeguarding the security of our critical infrastructure.”
Featured image credits: Rapha Wilde via Unsplash
For more stories like it, click the +Follow button at the top of this page to follow us.