SitusAMC
Data Breach Class Action Lawsuit

Posted: November 23, 2025 -- Attention, victims of the SitusAMC data breach.

Abington Cole + Ellery is investigating the data breach recently announced by SitusAMC.

SitusAMC Data Breach Summary:

An UNKNOWN number of individuals were affected by the SitusAMC data breach, and breached data may include, but is not necessarily limited to: accounting records and legal agreements.

If you are a victim of the SitusAMC data breach, and interested in potentially volunteering to serve as a class representative in a class action lawsuit against SitusAMC, please submit your information here to be considered:

An attorney-client relationship is not formed by submitting information through this website.

SitusAMC Data Breach Details:

On November 12, 2025, SitusAMC identified a cybersecurity incident that compromised portions of its internal systems, leading to the unauthorized access of corporate-related data tied to select client engagements, including accounting documents and legal contracts; certain customer information linked to those clients may also have been affected, though the precise extent remains under review. The breach did not involve encrypting malware, but details on the intrusion method or exploited weaknesses have not been disclosed publicly.

In response, the firm promptly engaged cybersecurity specialists and federal authorities to investigate and contain the issue, confirming that operations have resumed normally while implementing safeguards such as resetting credentials, restricting remote tools, and refining firewall configurations. As of the November 22, 2025 announcement, SitusAMC continues to analyze impacted data with client updates forthcoming, advising affected parties to contact securitynotice@situsamc.com for inquiries.

Reports indicate that the SitusAMC data breach has potentially exposed client data from several major U.S. financial institutions, though the company itself has not publicly named any affected parties. According to sources familiar with the matter cited in multiple outlets, JPMorgan Chase, Citigroup (Citi), and Morgan Stanley were notified that their customer information, including sensitive details from real estate loan applications such as Social Security numbers, may have been compromised as part of the unauthorized access to corporate records and related client files. The Federal Bureau of Investigation is collaborating with these organizations to evaluate the breach's scope, with no reported disruptions to banking operations. SitusAMC continues its forensic analysis, emphasizing that the incident was contained without involving ransomware.

It is unclear if SitusAMC is offering credit monitoring and/or identity theft protection services to any affected individuals at this time.

Additional information about the SitusAMC data breach may be found here: SitusAMC Data Breach Statement. The SitusAMC Website may also have additional information about or provide periodic updates regarding the data breach.

About SitusAMC:

SitusAMC operates as a specialized provider of integrated solutions within the real estate finance sector, focusing on support for both commercial and residential lending processes. Established to address operational needs across the full lifecycle of real estate transactions, the company delivers services such as underwriting, due diligence, portfolio management, valuations, and secondary market execution. Its data and analytics offerings further assist in risk assessment and compliance, while strategic outsourcing and advisory components help institutions streamline complex workflows. With a footprint spanning the United States and Europe, SitusAMC manages substantial volumes of assets, including over $459 billion in unpaid principal balances for commercial real estate and monthly evaluations exceeding $2.1 trillion in related assets and debt.

In the residential segment, SitusAMC functions as a prominent third-party reviewer, having processed more than 238,000 loan files in 2024 and facilitated trades involving over $1 trillion in mortgage servicing rights and whole loans since 2017. For commercial activities, it supported $20.7 billion in new originations and 50 rated securitizations during the same year. The organization maintains a neutral stance on industry dynamics, emphasizing scalable technology and talent solutions to adapt to regulatory changes and market fluctuations. Recent developments include a leadership addition in commercial revenue oversight and a bronze-level sustainability rating from EcoVadis, reflecting ongoing efforts to incorporate environmental considerations into operations.

Additional References:

>>> Bloomberg: Banks, FBI Assessing Hack of Real Estate Finance Tech Vendor

>>> New York Times: A Swath of Bank Customer Data Was Hacked. The F.B.I. Is Investigating

>>> CNN: Wall Street banks scramble to assess fallout from hack of real-estate data firm

>>> Seeking Alpha: Chase, Citi, Morgan Stanley assess fallout of vendor hack - report

For more information about steps you can take to possibly reduce the chances harm arising from a data breach, please review the following article: What are some steps you can take if you've been the victim of a data breach?

If you believe you are a victim of the SitusAMC data breach, and if you would like to volunteer to serve as a class representative in a class action lawsuit regarding this data breach, please submit your information via the form on this webpage. This website is not associated with nor authorized by SitusAMC or any affiliated companies. If you have received any other data breach notifications, you may to review Abington Cole + Ellery's current list of data breach investigations.