Third Party Data Breach Exposes Sensitive Information of Banking Customers
January 25, 2026
Wall Street is scrambling after hackers infiltrated SitusAMC, a New York-based real estate data firm serving over 1,500 financial institutions. The cyberattack has potentially exposed sensitive customer data from major banks including JPMorgan Chase, Citigroup, and Morgan Stanley.
SitusAMC discovered unauthorized access to its systems on November 12, 2025, and immediately notified affected clients. The company confirmed that account records, legal agreements, and customer data related to real-estate loans and mortgages were compromised. Fortunately, no ransomware or encrypting malware was deployed, and services remained fully operational.
Who Is Affected?
Customers of major financial institutions that use SitusAMC for mortgage payment processing may be at risk. The breach could expose personally identifiable information, financial account details, and legal documents. The FBI is investigating, but has confirmed that there is no operational impact to banking services at this time.
What Victims Should Do:
If you’re a customer of JPMorgan, Citi, Morgan Stanley, or other major banks, take immediate action:
- Monitor your bank accounts and credit reports for suspicious activity
- Enable fraud alerts with credit bureaus
- Change online banking passwords immediately
- Watch for phishing emails claiming to be from your bank
- Consider placing a credit freeze with major credit bureaus
- Prevention Tips
Protect yourself from future breaches by using strong, unique passwords for each financial account, enabling two-factor authentication, and regularly reviewing account statements. Be skeptical of unsolicited communications requesting personal information, even if they appear legitimate.
Financial institutions are conducting forensic reviews to determine the full extent of the breach.
SUBSCRIBE TO WEEKLY NEWSLETTER
