
Your perimeter controls mean nothing if an attacker compromises a trusted vendor first. The SitusAMC breach in November 2025 exposed data across 100+ financial institutions without touching a single bank directly. Here's why third-party risk has become a top CISO priority.
Key Takeaways
- 97% of U.S. banks and 100% of EU financial institutions experienced indirect data exposure in 2024 following a third-party compromise
- The November 2025 SitusAMC breach exposed data from clients of more than 100 financial institutions, including JPMorgan Chase, Citi, and Morgan Stanley
- AI now allows attackers to scan thousands of vendor codebases instantly, identify zero-day vulnerabilities, and map complex supply chain dependencies in minutes
- Third-party attacks deliberately avoid ransomware to remain undetected longer, making them harder to catch and costlier to contain
- Regulatory pressure is intensifying: the SEC, NYDFS, DORA, and EU AI Act all place third-party risk governance squarely within the CISO's remit
The Perimeter You Don't Control
Financial institutions invest heavily in hardening their own environments: network segmentation, endpoint detection, identity governance, zero-trust architectures. But an attacker who cannot breach your front door will look for the back one. That back door is your vendor ecosystem.
Supply chain and third-party compromise has become one of the most operationally effective attack vectors targeting the financial sector, precisely because it bypasses the security investments institutions make in their own perimeters. Attackers target the less-hardened environments of trusted vendors (mortgage servicers, payment processors, document management firms, cloud software providers) and leverage that access to reach the financial institutions those vendors serve.
The consequences are not hypothetical. They are documented, recurring, and accelerating.
How Third-Party Attacks Work, and How AI Is Making Them Worse
Traditional supply chain attacks required significant manual effort: identifying vendors with access to target institutions, assessing their security posture, finding exploitable vulnerabilities. That reconnaissance was time-consuming and limited the scale of operations.
AI-powered tools now allow attackers to scan thousands of vendor software codebases simultaneously, identifying zero-day vulnerabilities before patches are available. The same tools automate the mapping of complex vendor ecosystems, identifying the weakest link in minutes rather than weeks. Attackers are also beginning to target the AI pipelines of third parties, poisoning training data or model outputs to compromise downstream clients without ever touching those clients' own systems.
The economic logic is compelling: a single successful vendor compromise can provide access to the client data of dozens or hundreds of financial institutions simultaneously. The ROI for attackers has improved dramatically as AI expands both the speed and the scale of what is operationally possible.
The SitusAMC Breach: Third-Party Risk Made Real
In November 2025, SitusAMC (a key vendor providing operational services to the mortgage industry) suffered a significant data breach that sent ripple effects through the financial sector.
The breach was discovered on November 12 and confirmed ten days later. The operation was methodical: attackers accessed SitusAMC systems to exfiltrate corporate data and customer PII tied to residential mortgage portfolios. Crucially, they avoided deploying ransomware, a deliberate choice to remain undetected for as long as possible and maximize the scope of the exfiltration before the breach was identified.
The downstream exposure was extensive. Data for clients of more than 100 financial institutions (including JPMorgan Chase, Citi, and Morgan Stanley) may have been compromised. The FBI confirmed no direct operational impact on the banks themselves, but the reputational, regulatory, and customer notification burden fell squarely on institutions that had no direct involvement in the breach.
The social engineering angle here is what security professionals call silent trust exploitation: attackers did not need to deceive employees at the target banks at all. They exploited the implicit trust between financial institutions and an authorized vendor, entering through what amounts to a pre-approved back door. The incident drew immediate scrutiny from the SEC and the NYDFS, and it has since become a reference point in regulatory discussions about the security of financial sector "digital plumbing", the vendor infrastructure that underpins banking operations but sits outside the direct governance of the institutions it serves.
The Scale of the Problem
The SitusAMC case is a high-profile instance of a systemic pattern.
- 97% of U.S. banks and 100% of EU financial institutions experienced indirect data exposure in 2024 following the compromise of a third-party partner
- AI is enabling attackers to identify and exploit vendor vulnerabilities at a pace that traditional vendor assessment cycles cannot match
- Third-party risk now ranks among the top concerns for financial sector CISOs, alongside AI-driven phishing and executive impersonation
- Regulatory frameworks including DORA, the EU AI Act, and guidance from the SEC and NYDFS are all moving toward mandating stricter third-party oversight and faster incident reporting
The gap between the risk and current governance practices is significant. Many institutions conduct annual vendor assessments against largely static checklists, a cadence that is fundamentally mismatched with the pace at which attacker capabilities and vendor risk profiles are evolving.
Why Existing Third-Party Risk Management Falls Short
- Assessment cycles are too slow. Annual or biannual vendor reviews cannot detect the introduction of new vulnerabilities, changes in vendor security posture, or the emergence of new attack tooling. The SitusAMC breach was a quiet data-exfiltration operation that remained undetected for ten days, and it will not be the last.
- Visibility into the vendor ecosystem is limited. Most institutions have direct relationships with their primary vendors, but limited visibility into those vendors' own third-party dependencies. An attack on a fourth-party provider (a vendor's vendor) can propagate downstream without triggering any of the institution's own monitoring.
- Contractual obligations are not the same as security assurance. Vendor contracts typically require adherence to security standards, but verification of ongoing compliance is inconsistent. Attestations and certifications provide a point-in-time snapshot, not continuous assurance.
- Incident reporting from vendors is often delayed. The ten-day gap between the discovery and confirmation of the SitusAMC breach is not unusual. Many vendor contracts do not require notification within timeframes that would allow financial institutions to act before damage propagates.
Mitigation
Building a Resilient Third-Party Security Program
Continuous vendor monitoring over periodic assessments. Automated, continuous monitoring of vendor security posture, including dark web exposure, vulnerability intelligence, and anomalous access patterns, provides a more accurate picture than annual reviews.
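As an added illustration (not code from the article or from Arsen), the following Python sketches the "anomalous access patterns" part of continuous monitoring: it baselines each vendor service account from a week of constructed access-log lines and then flags any pull that departs from that account's usual volume, hour or source address. The log format, account names, addresses, dates and the 5x volume threshold are all assumptions made for the example.

```python
"""Anomalous vendor-account access detection over constructed access logs.

Each vendor integration authenticates with its own service account and the
institution logs what that account pulled. Profile each account's normal
volume, hours and source addresses over a baseline window, then flag later
events that depart from the profile. Everything below is constructed.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Assumed log format: "<iso-ts> account=<name> action=<verb> records=<n> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) account=(?P<account>\S+) action=(?P<action>\S+) "
    r"records=(?P<records>\d+) src=(?P<src>\S+)$"
)

# Constructed sample: routine daily pulls, then one large off-hours export
# from an address the mortgage-servicer account has never used before.
SAMPLE_LOG = """\
2025-11-03T09:05:00Z account=svc_mortgageco action=export records=1200 src=198.51.100.10
2025-11-04T09:07:00Z account=svc_mortgageco action=export records=1350 src=198.51.100.10
2025-11-05T09:04:00Z account=svc_mortgageco action=export records=1100 src=198.51.100.11
2025-11-06T09:06:00Z account=svc_mortgageco action=export records=1280 src=198.51.100.10
2025-11-07T09:05:00Z account=svc_mortgageco action=export records=1230 src=198.51.100.10
2025-11-03T14:00:00Z account=svc_paymentsco action=query records=300 src=192.0.2.7
2025-11-04T14:02:00Z account=svc_paymentsco action=query records=310 src=192.0.2.7
2025-11-05T14:01:00Z account=svc_paymentsco action=query records=295 src=192.0.2.7
2025-11-12T02:14:00Z account=svc_mortgageco action=export records=48000 src=203.0.113.5
2025-11-12T14:01:00Z account=svc_paymentsco action=query records=305 src=192.0.2.7
"""


def parse(log_text):
    """Parse log lines into dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        d["records"] = int(d["records"])
        events.append(d)
    return events


def build_baseline(events, until):
    """Per-account profile from events before `until`: median record volume,
    the set of hours (UTC) seen and the set of source addresses seen."""
    by_acct = defaultdict(list)
    for e in events:
        if e["ts"] < until:
            by_acct[e["account"]].append(e)
    return {
        acct: {
            "median": statistics.median([e["records"] for e in evs]),
            "hours": {e["ts"].hour for e in evs},
            "srcs": {e["src"] for e in evs},
        }
        for acct, evs in by_acct.items()
    }


def detect(events, baseline, volume_factor=5.0):
    """Return (event, reasons) for every event that departs from its account's
    profile: unknown account, volume spike, unusual hour or new source address."""
    findings = []
    for e in events:
        prof = baseline.get(e["account"])
        reasons = []
        if prof is None:
            reasons.append("account has no baseline")
        else:
            if e["records"] > volume_factor * prof["median"]:
                reasons.append(f"volume {e['records']} exceeds {volume_factor}x median {prof['median']:.0f}")
            if e["ts"].hour not in prof["hours"]:
                reasons.append(f"hour {e['ts'].hour:02d}Z never seen in baseline")
            if e["src"] not in prof["srcs"]:
                reasons.append(f"new source address {e['src']}")
        if reasons:
            findings.append((e, reasons))
    return findings


def run_sample():
    """Baseline on everything before 2025-11-10 (assumed cutoff), then score the rest."""
    events = parse(SAMPLE_LOG)
    cutoff = datetime(2025, 11, 10, tzinfo=timezone.utc)
    baseline = build_baseline(events, cutoff)
    return detect([e for e in events if e["ts"] >= cutoff], baseline)


if __name__ == "__main__":
    for event, reasons in run_sample():
        print(event["ts"].isoformat(), event["account"], "->", "; ".join(reasons))
```

Three independent signals fire together on the constructed export (volume, hour and source), which is the shape a quiet exfiltration through a trusted integration tends to take; in production the baseline would be rebuilt on a rolling window and the thresholds tuned per vendor tier rather than fixed.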
Ecosystem mapping as a security discipline. Understanding not just direct vendors but the full chain of dependencies, and the data flows and access permissions at each node, is a prerequisite for identifying where the real risk lies.
Tiered vendor classification aligned with access and data sensitivity. Not all vendors carry the same risk. A vendor with access to customer PII and authorized network connectivity warrants significantly more rigorous oversight than a provider of generic business services.
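An added example of the two disciplines just described, ecosystem mapping and tiered classification; it is not code from the article or from Arsen. Direct vendors and the fourth parties they forward data to are modeled as a directed graph of data flows, each assessed vendor receives a tier from the data class it holds and the access it has into the institution, and a breach at any node (including a supplier the institution never assessed) is walked back along the reverse edges to find which vendors and which class of institution data are exposed. Vendor names, data classes, access levels and the tier thresholds are constructed for the example.

```python
"""Vendor ecosystem map with risk tiers and compromise blast radius.

Constructed example: the registry, data classes, access levels and tier
thresholds are made up to show the mechanics, not taken from any institution.
"""
from collections import deque
from dataclasses import dataclass, field

# Ordered scales; a higher value means more sensitive data or more reach.
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "customer_pii": 3}
ACCESS = {"none": 0, "portal": 1, "api": 2, "network": 3}


@dataclass
class Vendor:
    name: str
    data_received: str   # most sensitive class the institution sends this vendor
    access: str          # strongest access path the vendor holds into the institution
    # Fourth parties this vendor forwards data to: supplier name -> class forwarded.
    shares_with: dict = field(default_factory=dict)


def tier(v: Vendor) -> int:
    """Tier 1 (critical) to 4 (low) from data sensitivity plus access reach."""
    score = SENSITIVITY[v.data_received] + ACCESS[v.access]
    if score >= 5:
        return 1
    if score >= 3:
        return 2
    if score >= 1:
        return 3
    return 4


class Ecosystem:
    def __init__(self, vendors):
        self.vendors = {v.name: v for v in vendors}

    def unmapped_suppliers(self):
        """Suppliers a vendor names but the institution never assessed:
        the fourth-party visibility gap."""
        named = {s for v in self.vendors.values() for s in v.shares_with}
        return sorted(named - set(self.vendors))

    def exposure(self, compromised):
        """Vendors whose data sits at `compromised`, with the most sensitive class
        exposed for each. Walks reverse data-flow edges; along one path the class
        is capped by the least sensitive hop (forwarding never makes data more
        sensitive), and across paths the worst case is kept."""
        best = {}
        top = max(SENSITIVITY, key=SENSITIVITY.get)
        queue = deque([(compromised, top)])
        while queue:
            node, cap = queue.popleft()
            for v in self.vendors.values():
                if node not in v.shares_with:
                    continue
                hop = v.shares_with[node]
                reached = hop if SENSITIVITY[hop] < SENSITIVITY[cap] else cap
                if v.name not in best or SENSITIVITY[reached] > SENSITIVITY[best[v.name]]:
                    best[v.name] = reached
                    queue.append((v.name, reached))
        return best

    def institution_exposure(self, compromised):
        """Most sensitive class of the institution's own data reachable from a
        breach at `compromised`, or None if no data flows there."""
        classes = list(self.exposure(compromised).values())
        if compromised in self.vendors:
            classes.append(self.vendors[compromised].data_received)
        return max(classes, key=SENSITIVITY.get) if classes else None


def sample_ecosystem():
    """Constructed registry: three assessed vendors, one low-risk supplier,
    and a hosting provider that two vendors rely on but nobody assessed."""
    return Ecosystem([
        Vendor("MortgageServiceCo", "customer_pii", "network",
               {"DocScanCo": "customer_pii", "CloudHostCo": "customer_pii"}),
        Vendor("PaymentsCo", "customer_pii", "api", {"CloudHostCo": "customer_pii"}),
        Vendor("DocScanCo", "internal", "portal", {"CloudHostCo": "internal"}),
        Vendor("OfficeSupplyCo", "public", "none"),
    ])


if __name__ == "__main__":
    eco = sample_ecosystem()
    for v in eco.vendors.values():
        print(f"{v.name:18} tier {tier(v)}")
    print("unassessed fourth parties:", eco.unmapped_suppliers())
    print("breach at CloudHostCo exposes:", eco.exposure("CloudHostCo"))
    print("institution data class exposed:", eco.institution_exposure("CloudHostCo"))
```

The point the walk makes concrete: DocScanCo is a tier-3 vendor on its own attributes, yet a breach there reaches customer PII because a tier-1 vendor forwards mortgage data to it, and CloudHostCo, which appears in no assessment at all, sits under two tier-1 vendors at once. Tiering by direct attributes alone misses both.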
Contractual requirements for rapid incident reporting. Vendor contracts should include mandatory breach notification windows and clear processes for joint incident response, not just liability language.
Align with regulatory requirements proactively. DORA, the EU AI Act, and other regulatory frameworks are converging on third-party risk governance as a core compliance domain. Getting ahead of these requirements, rather than reacting to enforcement, is both a risk management and a reputational strategy.
Share threat intelligence across institutions. A vendor compromised in an attack against one bank is a potential attack vector against every bank that vendor serves. Sector-level intelligence sharing through forums like FS-ISAC accelerates collective detection and response.
Key Questions for CISOs
- Do you have continuous visibility into the security posture of your critical vendors, or are you relying on point-in-time assessments?
- Have you mapped your full vendor ecosystem (including fourth-party dependencies) to identify where unauthorized access to your customer data could originate?
- Are your vendor contracts structured to require rapid breach notification and joint incident response?
- Is your third-party risk program aligned with current DORA, EU AI Act, and other regulatory requirements, and the next wave of regulatory tightening expected in 2026?
- Are you participating in sector-level threat intelligence sharing to identify vendor-side risks before they materialize?
Download the Full Report
This article draws from the 2026 Social Engineering Risk Report for Financial Services, by Arsen. The full report covers every major AI-enabled attack vector facing the financial sector in 2026, from supply chain exploitation to deepfake video impersonation and AI-enhanced vishing, along with a complete CISO checklist for building organizational resilience.
Sources: ENISA Threat Landscape 2025; 2026 Social Engineering Risk Report for Financial Services, Arsen; CrowdStrike Threat Hunting Report 2025.