Vendor hack might have exposed major banks’ client data

Customer data of JPMorgan Chase, Citi, Morgan Stanley and other major banks may have been hacked by a technology vendor, the New York Times reports.

SitusAMC said in a statement on its website on Saturday that it was subject to a cyber attack on November 12, that some information from its systems was compromised and that “data related to some of our customers’ customers may have also been affected.”

The New York-based real estate lender did not identify any of its affected customers.

JPMorgan Chase, Citi and Morgan Stanley did not immediately respond to Reuters requests for comment.

SitusAMC said the affected data includes corporate information tied to some customers’ relationships with the company, including items such as accounting documents and legal contracts.

“We continue to focus on analyzing potentially impacted data,” SitusAMC CEO Michael Franco told the New York Times, adding that the company had notified law enforcement.

“While we are working closely with affected organizations and our partners to understand the extent of the potential impact, we have not identified any operational impacts to banking services,” FBI Director Kash Patel told the newspaper.

Reuters could not immediately reach the FBI for comment.

In the SitusAMC statement, it was stated that the incident was under control and the services were fully operational, and there was no encryption malware involved.