Several major US banking institutions and mortgage lenders are reportedly rushing to determine how much of their customers’ data was stolen in a recent cyberattack. The attack targeted SitusAMC, a New York-based financial technology company, earlier this month.
SitusAMC confirmed in a statement that it identified a data breach on November 12. The company stated that unspecified hackers stole corporate data related to its banking customers’ relationships with the firm. The stolen information also included accounting records and legal agreements.
The company noted that the full scope and nature of the cyberattack remain under investigation. SitusAMC said the incident is now contained and its systems are operational. The hackers did not use encrypting malware, which suggests their primary goal was to steal data from the company’s systems rather than cause disruption.
According to reports, SitusAMC sent data breach notifications to several financial giants, including JPMorgan Chase, Citigroup, and Morgan Stanley. The company’s website also lists pension funds and state governments among its clients.
It is currently unclear how much data was taken or how many US banking customers may be impacted. Companies like SitusAMC provide the technology and mechanisms for banking and real estate clients to comply with state and federal regulations. In its role as a middleman, the company handles vast amounts of non-public banking information on behalf of its customers. The company’s website states it processes billions of loan-related documents every year.
When contacted, a spokesperson for Citigroup declined to comment on the breach and would not confirm if the bank had received any communications from the hackers. Representatives for JPMorgan Chase and Morgan Stanley did not immediately respond to requests for comment. SitusAMC’s chief executive, Michael Franco, also did not respond to a request for comment.
The FBI is investigating the breach at SitusAMC. A spokesperson for the FBI did not respond to a request for comment outside of standard US business hours.