- SitusAMC suffered a breach that exposed company and customer data.
- The attack was a smash and grab attack, not ransomware. The FBI is aware of this and the investigation continues
- Affected customers may be major banks and mortgage providers, but details and perpetrators are not being disclosed.
A global company that provides consulting, technology and outsourcing services to some of the largest banks and mortgage lenders in the United States has suffered a data breach in which hackers managed to steal some of its confidential data, as well as data stored by the company on behalf of its clients.
SitusAMC offers a full range of services to support the entire residential and commercial real estate financing lifecycle, from loan origination and closing to portfolio management, debt and equity management and valuation.
His clients include major banks, private equity firms, asset managers, mortgage originators and servicers, CMBS/RMBS issuers, insurance companies and institutional investors. The biggest names are UBS Realty Investors, JPMorgan Chase, Hines, Citigroup and Morgan Stanley.
The FBI has been notified
In a brief statement on its website, SitusAMC explained that the stolen information belongs to both the company and its customers:
“Business data relating to some of our customers’ relationships with SitusAMC, such as accounting documents and legal agreements, is affected. Some data from some of our customers may also be affected,” the company said, adding that the investigation is ongoing and external cybersecurity experts have been contacted.
The police were also informed, the company emphasizes, and makes it clear that it was not a ransomware attack, but a simple data theft.
We do not know how many SitusAMC customers were affected by this attack or what information was stolen. When contacted by media representatives, most banks refused to comment or simply did not respond to media inquiries. So far, no threat actors have claimed responsibility for the attack.
IN TechCrunch