Subscribe
Data Breach
Past Updates
Media Inquiries: mediarelations@situsamc.com
UPDATE (December 09, 2025):
SitusAMC continues to work with leading third-party experts on the forensic analysis, which we hope to complete soon. We remain confident that the incident is contained and the threat actor was eradicated from our systems. Further, we remain fully operational and continue to serve our clients. Importantly, for our warehouse finance and custody clients, our analysis has not identified any evidence to indicate that the unauthorized actor accessed or attempted to access the emBTRUST or ProMerit applications.
Our review of the compromised files is also underway. This process will take time to complete, but we are bringing all available resources to bear to complete the data review as rapidly as possible. Once the review is complete, impacted clients will be contacted directly with information on how to request secure electronic access to impacted data information related to such clients. We will also coordinate with impacted clients related to any consumer notifications that may be required.
We appreciate your patience and partnership. We will continue to provide further updates as more information becomes available.
_______________
UPDATE (December 01, 2025):
Through the holiday and past weekend, SitusAMC worked diligently with its third-party experts to meaningfully advance our document review process concerning impacted data. We are continuing to work as quickly as possible to appropriately assess the impacted data and evaluate any associated notification requirements. We will continue to communicate with impacted clients directly as additional relevant information is identified.
While we expect this process to take time, we are working expeditiously with our third-party experts to address questions concerning impacted data.
We greatly appreciate our clients’ continued patience and partnership as we work through the data review.
_______________
UPDATE (November 25, 2025):
SitusAMC has been diligently working on our data review process, and the current phase of that process includes conducting keyword searches to identify our clients’ names in certain file paths that we know were impacted.
Certain clients received letters beginning November 25, 2025, stating that we found their organization’s name in the affected file paths that were impacted. Precisely correlating specific documents to specific organizations will require a deeper review of the underlying files than this initial keyword search, but we are providing these updates in the interest of transparency to our clients.
We have bifurcated documents into two sections, the (i) corporate files consisting of accounting (ex. Invoices) and legal records and (ii) client files consisting of files related to our client’s business activities. These client files are generally associated with our residential Collateral and Asset Management offering which focused largely on assignments and recording of mortgages. However, a smaller number of other records may also be included in these areas related to various businesses at SitusAMC and some records associated with loan file due diligence in our residential business. If you received just a corporate file PDF but not a client file PDF that means that we currently do not have client file records to share with you.
Please note that if you receive a letter, that means our keyword search identified your organization’s name in the affected file paths. That does not mean that all the files in the path belong to you or your organization as e-discovery will be engaged to further refine the initial keyword searches. That also does not mean that no other file paths will be found to be associated with your organization as more information becomes available.
Please note that we have not yet conducted a review of the content of any impacted files, but that is the next step in our process.
We appreciate the continued patience of our clients and will keep sharing relevant updates as appropriate.