- Hackers breached SitusAMC systems, stealing client data including accounting records and legal documents.
- The FBI launched an investigation and confirmed that banking operations remain unaffected.
- JPMorgan Chase and Citigroup received breach notifications, but their specific exposure is still unknown.
FBI Steps In After SitusAMC Hack
Bloomberg reports that hackers broke into SitusAMC Group Holdings earlier this month, compromising sensitive client data. The real estate finance tech vendor discovered the breach on November 12 and confirmed it publicly three days later.
Although the company says it has now contained the incident, it is still working with federal investigators and cybersecurity experts to assess the damage.
What Was Compromised
The attackers accessed key documents, including legal agreements and financial records. While SitusAMC did not detect ransomware, the stolen information still raises serious concerns for financial institutions that rely on the company’s technology.
SitusAMC began alerting clients last week. It confirmed that the breach affected customers in its residential mortgage division, although the full scope remains under review.
Get Smarter about what matters in CRE
Stay ahead of trends in commercial real estate with CRE Daily – the free newsletter delivering everything you need to start your day in just 5-minutes
Banks Scramble to Respond
JPMorgan Chase and Citigroup received notifications about the incident, according to sources familiar with the matter. However, neither bank has publicly commented on how the breach might affect them.
In response, the FBI released a statement confirming its involvement. “We are working closely with affected organizations,” said FBI Director Kash Patel. “So far, we’ve found no operational impact on banking services.”
Why This Breach Matters
SitusAMC provides essential technology and data services to banks, lenders, and real estate firms. A breach of this scale highlights growing vulnerabilities in financial supply chains. As more institutions outsource core infrastructure to third-party vendors, attacks like this can ripple across the broader market.
Additionally, the theft of legal and financial documents poses risks beyond technical disruptions—it may trigger compliance issues and legal exposure for clients.
Elsewhere in the housing finance ecosystem, budget pressures are also compounding risk exposure for underserved markets, particularly where development already faces limited resources.
What Comes Next
CEO Michael Franco said SitusAMC remains fully operational. He emphasized that the company is reviewing all affected data and will keep clients informed as the investigation moves forward.
This incident underscores the increasing threat of cyberattacks targeting financial infrastructure. As firms tighten vendor oversight, expect more scrutiny of third-party risk management in the months ahead.
