Initial Identification Stage Based on File Paths, "Actual Document Content Analysis Not Yet"
US financial and real estate data services company SitusAMC officially confirmed that some client-related data was unauthorized leaked due to a breach incident in its system on November 12. The company stated this incident may affect corporate accounting documents, legal documents, and residential mortgage management (CAM) system-related files -- with scope and damage scale currently under investigation. SitusAMC immediately launched investigation with external security experts upon incident recognition, simultaneously reporting to US federal law enforcement and cooperating. The company explained the breach situation was controlled early (services currently operating normally) and this incident did not involve ransomware encryption attacks. November 25 update: SitusAMC is currently conducting initial review centered on file paths (keyword search) containing client company names to identify files with possible leakage; when file paths containing client company names are discovered, individual notification letters are being sent to those companies. The company stated "this is an initial identification stage based on file paths, not document content analysis -- actual verification of which documents leaked in what manner is still underway." The financial services data sensitivity: SitusAMC serves major financial institutions in mortgage servicing, loan asset management, and real estate valuation -- client data includes borrower personal information, loan details, and property records that are highly regulated and subject to mandatory breach notification requirements; the "file path vs. content" distinction matters because notification obligations typically attach when actual personal data exposure is confirmed rather than suspected.
