SitusAMC, a third-party service provider for the real estate and financial services industry, experienced a significant data breach that exposed the personal information of customers at several major U.S. financial institutions. The incident stemmed from the exploitation of a zero-day vulnerability in the MOVEit Transfer managed file transfer software, a widely reported security flaw.
The breach, discovered by SitusAMC on May 31, 2023, involved unauthorized access to the company’s systems. As a result, financial giants including JPMorgan Chase, Bank of America, U.S. Bank, Morgan Stanley, Citizens Bank, Fidelity, and TIAA have since filed data breach notifications with regulators. These filings confirm that their customers’ data was compromised due to the security event at their vendor, SitusAMC.
Impacted Institutions and Data Exposure
Following the breach at SitusAMC, the affected banks began notifying impacted individuals. JPMorgan Chase reported that 451,809 individuals were affected by the incident. The exposed data varied between the institutions but generally included sensitive personal information.
According to breach notification letters, the compromised information included customer names, addresses, and in many cases, Social Security numbers. Other exposed data points reported by the financial firms included loan numbers and other financial account information. The banks’ customer data was exposed because they used SitusAMC for various business and technology services related to the real estate finance sector.
Cl0p Ransomware and Third-Party Risk
The cybercriminal group responsible for exploiting the MOVEit Transfer vulnerability is the Cl0p ransomware gang. This group targeted hundreds of organizations globally by leveraging the flaw in the file transfer software. SitusAMC confirmed it launched an investigation with the assistance of external cybersecurity experts upon discovering the intrusion.
The company also notified law enforcement agencies about the security incident. This event highlights the significant risks associated with third-party vendors, where a security failure at a single service provider can have a cascading effect, impacting multiple large organizations and their extensive customer bases.
Source: https://www.securityweek.com/major-us-banks-impacted-by-situsamc-hack/