Major U.S. Banks' Customer Data Breach Sparks FBI Investigation

SitusAMC cyberattack data breach JPMorgan Chase Citibank Morgan Stanley financial data exposure supply chain risk FBI investigation
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
November 24, 2025 3 min read
Major U.S. Banks' Customer Data Breach Sparks FBI Investigation

TL;DR

A cyberattack on SitusAMC, a mortgage tech vendor, has potentially exposed sensitive customer data, including Social Security numbers and financial details, from major institutions like JPMorgan Chase, Citibank, and Morgan Stanley. The FBI is investigating this significant supply chain risk, prompting banks to heighten internal security reviews and prepare customer notifications.

Sensitive Data Exposed in SitusAMC Cyberattack

Description: A major cyberattack on mortgage tech vendor SitusAMC has potentially exposed sensitive customer data from several major financial institutions, including JPMorgan Chase, Citibank, and Morgan Stanley. The FBI is investigating the breach, which has raised concerns about supply chain cyber risks in the financial sector.

Major Financial Institutions Affected

Several major financial institutions are assessing the potential damage from a cyberattack on SitusAMC, a vendor used by hundreds of banks for processing real estate loans and mortgages. JPMorgan Chase, Citibank, and Morgan Stanley have been notified that client data may have been stolen. A JPMorgan spokesperson clarified that the bank itself was not directly hacked, according to The New York Times.

Sensitive customer data of America’s biggest banks including JPMorgan and Morgan Stanley may have exposed in vendor hacking

Image courtesy of The Times of India

Sensitive Personal Data at Risk

The breach at SitusAMC has raised alarms due to the sensitive information it handles, including Social Security numbers and other financial data from loan applications. According to The420.in, the compromised data may include:

  • Social Security numbers
  • Bank account details
  • Loan applications and supporting documents
  • Income and tax filings
  • Property-linked identification records

This type of information could increase the risk of identity theft and financial scams. SitusAMC CEO Michael Franco stated that the company has notified law enforcement. More information can be found on The Times of India.

FBI Monitoring the Situation

The FBI is monitoring the situation and working with affected organizations to understand the potential impact. FBI Director Kash Patel stated that they have not identified any operational impact to banking services, as noted in The Times of India. SitusAMC serves as essential infrastructure for the real estate lending industry, offering services including loan origination, collection, and regulatory compliance.

Banks Heighten Internal Risk Reviews

Major banks have initiated their own risk assessments and are preparing to issue security notifications and fraud-monitoring assistance to customers. Executives fear the exposure could lead to regulatory reviews and potential litigation if consumers report financial harm, as reported by The420.in. SitusAMC has acknowledged the breach and confirmed that a forensic investigation is underway.

Supply Chain Cyber Risks

The FBI investigation reflects the potential national-level implications of the breach, treating it as a significant threat vector due to the attack striking a key third-party vendor. Financial regulators have warned banks that smaller technology partners often lack the necessary cybersecurity infrastructure. According to The420.in, a cybersecurity analyst stated that even the largest U.S. banks can be compromised indirectly when third-party service providers fall short.

Gopher Security specializes in AI-powered, post-quantum Zero-Trust cybersecurity architecture, offering a robust alternative to traditional security measures. Our platform converges networking and security across devices, apps, and environments—from endpoints and private networks to cloud, remote access, and containers—using peer-to-peer encrypted tunnels and quantum-resistant cryptography. Contact us to learn more about how we can help protect your organization.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

AI-Driven Cybersecurity Innovations: The Future of Threat Prevention
AI agents security

AI-Driven Cybersecurity Innovations: The Future of Threat Prevention

AI agents are prime targets for cyberattacks. Discover evolving threats like prompt injection & AI-powered exploits, and learn how to fortify your defenses. Read now!

By Brandon Woo January 22, 2026 5 min read
common.read_full_article
GootLoader Malware Evades Detection Using Nested ZIP Archives
GootLoader

GootLoader Malware Evades Detection Using Nested ZIP Archives

GootLoader is back with advanced tricks, using malformed ZIPs to bypass security & target businesses. Learn how to detect and defend against this threat. Protect your assets!

By Edward Zhou January 21, 2026 3 min read
common.read_full_article
WhisperPair Vulnerability: Millions of Bluetooth Devices at Risk
WhisperPair attack

WhisperPair Vulnerability: Millions of Bluetooth Devices at Risk

Millions of Bluetooth audio devices are at risk from the WhisperPair vulnerability. Learn how attackers can eavesdrop and track your devices, and what you can do to protect yourself. Update your firmware now!

By Jim Gagnard January 20, 2026 3 min read
common.read_full_article
Tech Hiring Growth: 12-15% Increase in AI and Data Jobs by 2026
India tech job market

Tech Hiring Growth: 12-15% Increase in AI and Data Jobs by 2026

India's tech job market is set for a 12-15% surge in 2026, creating 1.25 lakh roles. Discover key sectors and skills in demand. Read more!

By Edward Zhou January 19, 2026 3 min read
common.read_full_article