Several major US financial institutions are on high alert following a cyber breach at SitusAMC, a key technology provider serving the mortgage industry. The incident, discovered on November 12, exposed sensitive data belonging to both banks and their customers.

In a notification sent to affected organizations, SitusAMC confirmed that corporate data tied to client relationships—including accounting records and legal agreements—was accessed without authorization. The firm also acknowledged that certain customer information may have been compromised, noting that the “scope, nature, and extent” of the breach remains under review by the company and external investigators.

The potential impact is significant. SitusAMC supports mortgage origination, servicing, and payment processing for hundreds of lenders nationwide. Sources familiar with the investigation report that leading banks such as JPMorgan Chase, Citigroup, and Morgan Stanley have been alerted to possible exposure of their client data.

In response to the attack, SitusAMC has deployed several containment measures, including credential resets, restrictions on remote access, firewall rule updates, and additional security enhancements. The investigation is ongoing as financial institutions assess the potential risks posed by the incident.