Data Breach

Media Inquiries: mediarelations@situsamc.com
 

STATEMENT

November 22, 2025 - On November 12, 2025, SitusAMC (“we” or the “Company”) became aware of an incident that we have now determined resulted in certain information from our systems being compromised. Corporate data associated with certain of our clients’ relationship with SitusAMC such as accounting records and legal agreements has been impacted. Certain data relating to some of our clients’ customers may also have been impacted.  The scope, nature and extent of such impact remains under investigation by the Company and its third-party advisors.

Upon becoming aware of the incident, we commenced an investigation with the assistance of leading experts, notified (and continue to cooperate with) federal law enforcement authorities, and began taking measures to assess and contain the incident.  The incident is now contained and our services are fully operational. No encrypting malware was involved.

We are in direct, regular contact with our clients about this matter. We remain focused on analyzing any potentially affected data and will provide updates directly to our clients as our investigation progresses. 

_______________

UPDATE
December 1, 2025

Through the holiday and past weekend, SitusAMC worked diligently with its third-party experts to meaningfully advance our document review process concerning impacted data. We are continuing to work as quickly as possible to appropriately assess the impacted data and evaluate any associated notification requirements. We will continue to communicate with impacted clients directly as additional relevant information is identified.  

While we expect this process to take time, we are working expeditiously with our third-party experts to address questions concerning impacted data.  

We greatly appreciate our clients’ continued patience and partnership as we work through the data review. 

Sample Client Letter

Dated November 25, 2025

Dear Client,  

Following up on our prior communications, on or about November 12, 2025, SitusAMC (“we” or the “Company”) became aware of an incident that resulted in certain information from our systems being compromised. As described further below, we have now confirmed that certain information related to you was acquired by an unauthorized third-party during the incident. 

What Information Was Involved: While our investigation remains ongoing, we want to provide you with an update regarding certain information related to you that we have determined was acquired by the unauthorized actor. Specifically, we have file paths associated with certain files that were acquired by the unauthorized actor. We conducted word searches against these file paths to identify file paths that include your name in the file path. The searched file paths are related to (i) files associated with our residential Collateral and Asset Management (CAM) system, and (ii) SitusAMC corporate files that generally include legal contracts and accounting documents. We note that this is not a review of the content of any impacted files, but rather a listing of relevant file paths likely related to you. A list of these file paths is attached hereto for your review.       

We are working to review the impacted files and intend to provide you with access to the files that belong to you or your customers via a virtual data room. In addition, as we have previously advised, our investigation remains ongoing. We will notify you if we identify additional impacted files related to you, including loan files associated with residential loan file reviews. 

How We Responded: Upon becoming aware of the incident, the Company commenced an investigation with the assistance of leading experts, notified and is continuing to cooperate with federal law enforcement authorities, and began taking measures to assess and contain the incident.  

Our systems and services remain fully operational, and we are providing full service to our clients. The incident is contained and did not involve encrypting malware.  

What We Are Doing: Upon learning of the incident, we took prompt steps to investigate the nature and scope of the incident with the assistance of leading experts. We notified and continue to closely coordinate with federal law enforcement. We took measures to further secure our systems and are monitoring them to further identify any data that may have been impacted.   

We take this matter and the security of our clients’ information very seriously. If you have additional questions, please reach out to securitynotice@situsamc.com. Thank you for your ongoing partnership with SitusAMC. 

Sincerely, 

SitusAMC