SitusAMC confirms breach of client data after cyberattack

SitusAMC confirms breach of client data after cyberattack

Briefly

"Real estate finance business SitusAMC says thieves sneaked into its systems earlier this month and made off with confidential client data. The full breadth of what that data entails remains under investigation, but the company said accounting records and legal agreements were stolen, and in some cases its clients' customer data may also be affected. New York City-based SitusAMC said it is working with federal law enforcement and other experts to investigate the attack, which was confirmed on November 15 and did not involve "encrypting malware.""

"Notifications were sent to customers suspected of being affected on November 16, and all customers were informed on November 22. The FBI confirmed it is working with SitusAMC on its investigation, and supported the company's claim that its services remain fully operational. It said that the steps it took to harden systems against future attacks include resetting staff credentials, disabling remote access tools, updating firewall rules, and enhancing security settings."

"The full scope of the attack is still being assessed, and the company did not name any of its clients, affected or otherwise. However, reporting from the New York Times suggests major banks could be caught up in the intrusion. Citing anonymous sources, the newspaper reported that Citi, JPMorgan Chase, and Morgan Stanley were among the institutions that were notified as being potentially affected by the tech vendor."