SitusAMC $5.3M Data Breach Settlement Awaits Approval
Data Breach · Settlement Pending Approval

SitusAMC $5.3M Data Breach Settlement: Judge Wants More Details Before Approval

Published July 17, 2026

SitusAMC, a mortgage-services vendor for major banks including JPMorgan Chase and Citi, agreed to a $5.3 million settlement over its November 2025 data breach affecting roughly 662,792 people. There is nothing to claim yet — the judge has asked for more information before approving the deal, and no settlement website exists.

SitusAMC data breach class action settlement — $5.3 million proposed fund over the November 2025 breach at the mortgage services provider
SitusAMC provides technology and back-office services for the real estate finance industry; the breach reportedly exposed data belonging to customers of several major banks.

What Is This About?

SitusAMC Holdings Corporation, a New York-based technology and services provider for the real estate finance industry, has agreed to a proposed $5.3 million class action settlement over its November 2025 data breach. The consolidated case is led by Kelechian v. SitusAMC Holdings Corp., Case No. 1:25-cv-09748, in the U.S. District Court for the Southern District of New York before Judge Lewis J. Liman.

The settlement has not been approved. In late June 2026, Judge Liman asked the plaintiffs for additional information about the settlement's administration and public notice plan — including the budget for settlement administration costs — saying those details are necessary before he can grant preliminary approval. Until that happens, there is no settlement website, no claim form, and no deadline.

Status Settlement Pending Preliminary Approval Judge requested more notice & administration details in late June 2026
Proposed Fund $5.3 Million ~662,792 people · up to $5,000 documented losses · ~$75 estimated pro rata · 1 year credit monitoring
Can I Claim? Not Yet No settlement website or claim deadline exists — beware of imposter claim sites

The November 2025 SitusAMC Breach

SitusAMC says it became aware of unauthorized access to systems in its IT network on November 12, 2025. According to the company and state attorney general breach filings, an unauthorized third party accessed and acquired data in the days that followed, and consumer notices report the exposed information included names, addresses, dates of birth, and Social Security numbers for at least some individuals. Earlier breach filings also reportedly listed driver's license numbers and financial account information among the affected data types.

The company notified its clients on November 22, 2025, and publicly confirmed the incident about two days later. SitusAMC said no ransomware was deployed, its operations were not disrupted, and it notified and began cooperating with the FBI. Because SitusAMC processes mortgage and asset-management data for financial institutions, customers of major bank clients — including JPMorgan Chase, Citi, and reportedly Morgan Stanley — were among those whose data was potentially exposed. Affected individuals began receiving mailed breach notices on January 28, 2026, with an offer of complimentary credit monitoring.

How the Class Actions Unfolded

The first proposed class action was filed on November 24, 2025 — two days after clients were notified — by a JPMorgan Chase customer whose data was allegedly exposed. Multiple similar complaints followed, and on December 19, 2025, Judge Liman consolidated them into a single case, appointing interim class counsel and an executive committee. The consolidated complaint asserts negligence and related claims; SitusAMC denies wrongdoing and has not been found liable.

In late June 2026, the parties asked the court to preliminarily approve a settlement. According to the motion papers, the deal would create a $5.3 million fund for a class of roughly 662,792 people, with SitusAMC depositing $300,000 for notice costs upon preliminary approval and the remaining $5 million within ten days of final approval. Class counsel plan to seek fees of about one-third of the fund, plus service awards of $2,500 for the class representatives.

What Would Class Members Get?

If the court approves the settlement as proposed, class members could receive:

• Reimbursement of up to $5,000 for documented out-of-pocket losses tied to the breach
• A pro rata cash payment, estimated in the motion papers at about $75 per person
• One year of credit monitoring including $1 million in identity-theft insurance
• A separate statutory payment for California class members

These terms are proposals, not final benefits — the amounts and claim process could change before a court-approved notice program begins.

What Happens Next?

The plaintiffs must satisfy Judge Liman's request for more detail on the notice plan and administration budget. If preliminary approval is granted, a settlement administrator would launch an official settlement website and notice program, and class members would receive instructions on how to file claims, opt out, or object — along with the deadlines for each. OpenClassActions will update this page when a claims process opens.

Until then, be careful: no legitimate SitusAMC claims website exists yet. If you receive an email or see a site offering to file a SitusAMC claim for you today, treat it with suspicion. You can track other breach cases with open claim windows on our data breach settlements hub.

Frequently Asked Questions

What happened in the SitusAMC data breach?

SitusAMC discovered unauthorized access to its IT network on November 12, 2025. An unauthorized third party accessed and acquired data reportedly including names, addresses, dates of birth, and Social Security numbers. The company says no ransomware was involved and that it reported the incident to the FBI.

How much is the settlement?

The proposed fund is $5.3 million for roughly 662,792 people — up to $5,000 for documented losses, an estimated $75 pro rata payment, one year of credit monitoring, and a separate California statutory payment. The court has not yet approved the deal.

Can I file a claim yet?

No. The settlement is awaiting preliminary approval and there is no official settlement website, claim form, or deadline. A claims process would only begin after the court approves the notice plan.

Why is approval delayed?

Judge Liman asked the plaintiffs for more information about settlement administration and the public notice plan, including the administration budget, before he will grant preliminary approval. He has not rejected the settlement.

Who is covered?

The proposed class covers roughly 662,792 people whose personal information was involved in the breach, many of them customers of financial institutions that used SitusAMC's services. Affected people were mailed notices beginning January 28, 2026.

Sources

SitusAMC — Official Data Breach Statement
National Mortgage News — SitusAMC agrees to $5.3 million settlement over data breach
HousingWire — SitusAMC class actions consolidated after data breach
TechCrunch — US banks scramble to assess data theft after breach at financial tech firm
FINRA — Cybersecurity Alert: SitusAMC Security Incident
• Kelechian v. SitusAMC Holdings Corp., Case No. 1:25-cv-09748 (S.D.N.Y.)


For more class actions keep scrolling below.
Status Settlement pending preliminary approval
Proposed Settlement $5.3 million
Case Title Kelechian v. SitusAMC Holdings Corp.
Case Number 1:25-cv-09748
Court U.S. District Court, Southern District of New York
Date Filed November 24, 2025

More on Data Breach Settlements & Lawsuits