Wall Street banking firms were unhappy to learn that corporate data from their customers has been compromised in a cyber attack.
This month, hackers managed to steal a trove of information from a tech company they utilize for mortgage and real estate loans. New York-headquartered SitusAMC serves approximately 1,500 clients, including impacted financial firms such as JPMorgan Chase & Co (NYSE: JPM), Citigroup Inc (NYSE: C) and Morgan Stanley (NYSE: MS). They were notified individually and a statement was issued to the public online.
“On Nov. 12, 2025, we became aware of an incident that we have now determined resulted in certain information from our systems being compromised,” SitusAMC specified on Saturday. “Corporate data associated with certain of our clients’ relationship with SitusAMC such as accounting records and legal agreements has been impacted.”
The fintech operator says no encrypting malware was involved and that the incident is fully contained. Not using encrypting malware suggests that those responsible were more concerned with stealing data than causing damage to SitusAMC’s system.
Encrypting malware is a type of malicious software used by hackers to essentially hold data ransom. They will demand payment before giving the victim a decryption key so they can access it again.
The matter is still currently being investigated. Banks affected by the occurrence have declined to provide statements on the matter thus far. It is uncertain how much data was procured by the cyber theft at this point in time.
“While we are working closely with affected organizations and our partners to understand the extent of potential impact, we have identified no operational impact to banking services,” FBI Director Kash Patel explained in a statement. He stated that the bureau was committed to finding those responsible.
SitusAMC is known to hold sensitive financial information, including social security numbers and details about the internal workings of banking institutions. Exposed data was primarily linked to residential loan mortgages, according to the New York Times. Employee credentials may have also be compromised.
JPMorgan Chase, Citi, and Morgan Stanley are among the firms alerted by SitusAMC that their client data could have been compromised.
GeneralMCNews pic.twitter.com/Xw5onVYmEQ
— Jack Straw (@JackStr42679640) November 23, 2025
Follow Rowan Dunne on LinkedIn
rowan@mugglehead.com
