Miami
X Youtube

FBI Investigates SitusAMC Cyberattack Compromising Mortgage Data at Major Wall Street Banks

The FBI is probing a SitusAMC cyberattack that compromised mortgage data at JPMorgan, Citi, and Morgan Stanley.
byEditorial Staff
November 24, 2025, 12:45 AM

Executive Summary

  • SitusAMC suffered a cyberattack on November 12, compromising mortgage data.
  • JPMorgan, Citi, and Morgan Stanley client data, including SSNs, was exposed.
  • The FBI is leading the investigation into the breach.
  • 97% of top U.S. banks have faced third-party vendor breaches in the last year.

Federal authorities have launched an investigation into a major cyberattack targeting SitusAMC, a critical third-party vendor for the housing finance industry, which reportedly compromised sensitive mortgage data at JPMorgan Chase, Citigroup, and Morgan Stanley. The breach, which occurred on November 12, exposed millions of records including Social Security numbers and loan application details.

SitusAMC confirmed the incident on Saturday, stating that the firm has spent nearly two weeks assessing the scope of the unauthorized access. According to the New York Times, the company—which provides mortgage origination and processing services to hundreds of lenders—notified law enforcement immediately. CEO Michael Franco stated that the company is collaborating with third-party forensic specialists to analyze the affected data.

The Federal Bureau of Investigation (FBI) has assumed charge of the probe. “While we are working closely with affected organizations and our partners to understand the extent of potential impact, we have identified no operational impact to banking services,” said FBI Director Kash Patel in a statement cited by the New York Times. Investigators are currently working to determine how the hackers gained access to the vendor’s systems.

The breach has heightened concerns regarding the financial sector’s reliance on third-party service providers. Citing a study by SecurityScorecard, the International Business Times reported that 97% of the top 100 U.S. banks have experienced at least one third-party data breach in the past year. Banks like JPMorgan and Morgan Stanley have been alerted that their clients’ residential mortgage data may have been impacted.

Cybersecurity Risk Outlook

The involvement of the FBI and the specific targeting of mortgage data suggest this breach poses a significant privacy threat rather than a direct operational threat to banking infrastructure. As financial institutions increasingly rely on concentrated vendor networks for data processing, this incident is likely to trigger rigorous regulatory reviews of third-party risk management standards. The primary focus for investigators will now be tracing the data exfiltration path and mitigating potential identity fraud risks for affected borrowers.

Related Stories

Iberia Airlines Confirms Third-Party Cyberattack Compromising Customer Data
Data-Driven Decision Making: How to Build a Culture of Data in Your Company
EU Data Act Unleashed: How Consumers and Businesses Gain Control of Their Data
Tech Billionaires vs. Wall Street Billionaires: A Power Struggle
Asian Markets Plunge Amid Valuation Fears: How Wall Street Warnings Impact Your Portfolio
byEditorial Staff
Updated
Add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore more

Secret Link