A cyberattack on a company tied to the real estate lending market has sparked a rush to assess the stolen data and identify affected banks.
The company identified a system intrusion on Nov. 12 and notified customers of potential exposure shortly thereafter.
“We commenced an investigation with the assistance of leading experts, notified (and continue to cooperate with) federal law enforcement authorities, and began taking measures to assess and contain the incident,” the New York City-based company said. “The incident is now contained and our services are fully operational. No encrypting malware was involved.”
The extent of the incident is still under investigation by the company and third-party advisors, SitusAMC added. It also remains unknown who was behind the data breach.
SitusAMC has more than 1,500 clients, including major Wall Street banks such as Citigroup, JPMorgan Chase, and Morgan Stanley. The technology vendor also works with asset managers, insurance firms, pension funds, and private equity firms.
Spending Big on Cybersecurity
This past summer, security firm KnowBe4 estimated that financial services companies worldwide experience up to 300 times as many cyber incidents each year as other industries. Last year saw a 25 percent year-over-year increase in these events.Third-party infiltration has been the most common tactic in cyberattacks, with 97 percent of major U.S. financial institutions reporting a third-party breach in 2024.
As a result, the finance industry is spending billions on cybersecurity.
“The fraudsters get smarter, savvier, quicker, more devious, more mischievous,” Mary Callahan Erdoes, the bank’s asset and wealth management chief, said at a World Economic Forum event in January 2024. “It’s so hard, and it’s going to become increasingly harder, and that’s why staying one step ahead of it is really the job of each and every one of us.”
But while banks are also employing AI-driven strategies, unscrupulous individuals and outfits are using the same technology for nefarious purposes.
AI-powered cyberattacks are becoming more common—and more advanced. Ransomware attacks, malicious agent-based AI, deepfakes, social-engineering attacks, and AI-fueled phishing have become ubiquitous in cybercrime as technology continues to evolve.

“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves,” the report stated.
“The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases.”
The trend, says Ruggero Contu, senior director analyst at Gartner, will persist for years to come.
“Established security spending will continue as normal, but some organizations are being more cautious with any new security spending in this highly uncertain and challenging climate,” Contu said in the July report.
“However, higher defense budgets, rising threats, increasing regulatory pressure and better cybersecurity awareness—especially among small and medium-sized businesses—will keep cybersecurity spending strong in the medium to long term.”







