SitusAMC, a prominent provider of financing services for real estate clients, including major banks and lenders, has publicly confirmed that a recent security incident resulted in the exposure of customer data. The firm specializes in managing critical back-office functions for financial institutions, covering areas such as mortgage origination, servicing, valuation, and compliance. This extensive support infrastructure helps manage global assets valued at over $500 billion.
Serving approximately 1,500 clients, which include banking giants like JPMorgan Chase and Citi, SitusAMC operates with a workforce of around 4,500 employees and generates roughly $1 billion in annual revenue. The breadth of its operations means the compromised systems contained sensitive information relating to both its clients and their end customers.
The company first became aware of the incident on November 12, 2025, and has since commenced a thorough investigation with the assistance of external cybersecurity experts. SitusAMC also confirmed that it has notified and is actively cooperating with federal law enforcement authorities regarding the compromise.
In its public notice, the organization assured stakeholders that the breach has been assessed and contained. The company specifically clarified that its business operations have not been impacted and that the incident did not involve encrypting malware, ruling out a typical ransomware attack scenario.
SitusAMC is currently focused on analyzing the potentially affected data and is maintaining direct, regular contact with its clients to provide updates on its progress. However, the company has not yet specified which clients were affected, nor has it publicly disclosed the total number of customers whose data may have been compromised during the breach.
Reference:
