SitusAMC, which employs approximately 5,000 people and is owned by several private equity firms, provides loan origination, servicing, and regulatory compliance services to major lenders. The company’s role in mortgage processing involves handling extensive personal information, including Social Security numbers, financial account details, and employment records, as found on loan applications.
The company said that the incident is now contained and services remain fully operational. No encrypting malware was involved, indicating threat actors focused on data exfiltration rather than ransomware deployment, according to the advisory.
The scope of the breach remains under investigation. SitusAMC said it implemented several security measures following the incident, including credential resets, disabling remote access tools, updating firewall rules, and enhancing security settings.
