Customer data from Wall Street banks breached, JPMorgan and Citi affected

A hacker attack on SitusAMC, a popular vendor for elite Wall Street banks, may have exposed JPMorgan, Morgan Stanley, Citi, and other financial institutions’ customer details.
- SitusAMC breach potentially exposed customer data at JPMorgan, Morgan Stanley, Citi, and other major Wall Street banks
- The vendor processes mortgage payments for top US banks, making this a significant supply chain attack
- Exposed data may include personal customer information and legal details
- Attackers target vendors because one breach impacts multiple organizations

SitusAMC, a real estate finance and tech firm, has released a breach notice, explaining how the company became a victim of a hacker attack. According to the company, it learned about the incident on November 12th, eventually finding that malicious actors may have accessed sensitive data.
What makes the SitusAMC breach stand out is that the company provides services to major Wall Street banks and hundreds of other financial institutions. According to reporting by the New York Times, the company has informed JPMorgan, Morgan Stanley, and Citi that their data may have been a casualty in the attack.
Numerous organizations use SitusAMC to collect money from real estate loans and mortgages. Reportedly, the top 20 American banks all use the company’s services. Meanwhile, SitusAMC’s breach notice explained that legal documents as well as its clients' customer details may have been exposed.
“Corporate data associated with certain of our clients’ relationship with SitusAMC such as accounting records and legal agreements has been impacted. Certain data relating to some of our clients’ customers may also have been impacted. The scope, nature and extent of such impact remains under investigation by the Company and its third-party advisors,” SitusAMC explained.
Since the breached vendor deals with mortgage payments, exposed data may include personally identifiable information (PII) as well as lenders' customers' financial account information. Dark web attackers would have a field day with this type of data, as it enables them to attempt anything from identity theft to targeted social engineering attacks.
However, at the time of writing it is unclear exactly what customer details may have been exposed and how many were unfortunate enough to have their data stolen. The company has also not detailed what type of attack it was – a ransomware attack or a breach carried out by a “lone wolf.”
According to SitusAMC's breach notice, “no encrypting malware was involved,” hinting that the breach did not involve a ransomware cartel.
“We are in direct, regular contact with our clients about this matter. We remain focused on analyzing any potentially affected data and will provide updates directly to our clients as our investigation progresses,” SitusAMC’s breach notice states.
According to reports by CNN, the FBI is aware of the incident and is investigating its true extent. FBI Director Kash Patel is quoted as saying that the Bureau has “identified no operational impact to banking services.”
SitusAMC is a major player in the real estate solutions market with a reported revenue of over $1.1 billion and over 4,000 staff dispersed across 25 global locations.
Third-party hack bonanza
Vendor attacks are a gold mine for malicious actors, as recent data breaches have shown. For example, attackers recently breached Marquis, a Texas-based digital marketing, compliance solution and CRM software provider, working with over 700 banks in the US.
So far, at least two lenders have come forward admitting that the attack impacted their customers, with cybercrooks likely accessing financial account info as well as Social Security numbers (SSNs) and other sensitive data. In Marquis' case, however, the company was the victim of a ransomware gang.
Ransomware cartels particularly like breaching third-party vendors as it leaves criminals with numerous malicious options to choose from. If the initial target refuses to pay, ransomware groups can turn to their clients, demanding payment for not releasing data.
One of the most notorious third-party attackers in recent memory is the Russia-linked Cl0p ransomware cartel. The gang has terrorized dozens of companies after exploiting a security flaw in Oracle E-Business Suite (EBS).
The Washington Post, Harvard University, Oracle itself and many other companies had sensitive data stolen by the gang.
FAQ about the SitusAMC data breach
Which banks were exposed in the SitusAMC breach?
Media reports indicate SitusAMC contacted JPMorgan, Citi and Morgan Stanley about the breach. However, some experts say that SitusAMC works with most of the top American banks.
Does the SitusAMC data breach impact bank operations?
According to a widely quoted statement from FBI Director Kash Patel, authorities see no operational impact to banking services.
Who hacked SitusAMC?
The investigation is still ongoing. So far, no culprits have been identified. SitusAMC’s statement indicated the attack was not a ransomware attack.