Ethereum founder Vitalik Buterin once said, “Privacy is not a feature. Privacy is hygiene,” in response to a cyberattack on several major U.S. banks that resulted in the theft of client data.
Recent reports have revealed that hackers targeted financial institutions like JPMorgan Chase, Citibank, and Morgan Stanley during an attack on mortgage technology firm SitusAMC. This breach underscored the vulnerability of banks’ sensitive data and the potential risks associated with large-scale data breaches.
Financial institutions at risk as hackers expose confidential client records
SitusAMC fell victim to a cyberattack on November 12, 2025, which led to the exposure of confidential corporate information, including financial records and legal documents. While the breach has been contained, the company has notified federal authorities and assured that its systems are operational.
The absence of ransomware in the attack suggests an attempt by cybercriminals to avoid detection. Banks like JPMorgan Chase, Citibank, and Morgan Stanley are among those potentially impacted by the breach. The full extent of the compromised data is yet to be determined, highlighting the evolving threat posed by cyberattacks on supply chains.
Hackers successfully breached SitusAMC’s security systems and obtained client data associated with major banks, including sensitive financial and legal documents. The company is currently investigating the breach to assess the extent of the data theft and potential misuse.
Storing vast amounts of personal and business data in a centralized location poses significant risks, as cybercriminals can exploit stolen information for illicit purposes, tarnishing the reputations of affected companies and their clients.
JPMorgan Chase, Citibank, and Morgan Stanley have been alerted to the potential compromise of client data, prompting discussions on social media platforms and within financial and tech communities regarding the responsibility of banks to safeguard their security systems and client information.
The incident has also served as a reminder for companies to prioritize privacy and implement robust security measures. Ethereum co-founder Vitalik Buterin emphasized the importance of privacy, likening it to hygiene, to encourage banks and digital entities to integrate privacy practices into their operations.
Ethereum’s commitment to enhancing user privacy
Buterin outlined a plan in April to enhance Ethereum’s privacy features by utilizing stealth addresses to conceal transaction details and displaying only necessary information in specific contexts. Additionally, zero-knowledge tools would empower users to interact securely without requiring an in-depth understanding of cryptography.
Shiv Shankar, CEO of Boundless, emphasized the necessity of making privacy a standard practice to mitigate the risks of data breaches and protect users from potential harm.
The Ethereum Foundation established a privacy-focused research cluster, comprising engineers, cryptographers, coordinators, and researchers, to collaborate on projects aimed at enhancing the safety and privacy of Ethereum for users. The team introduced a privacy-first browser wallet and software toolkit named Kohaku, designed by Nicolas Consigny and Buterin, to assist users in securing their information when using Ethereum applications.
Bitcoin developers are also working on Taproot upgrades and wallet enhancements to enhance transaction privacy and security. Similarly, Ethereum developers are integrating privacy as a core component of new layer-2 solutions, rather than as an afterthought.
Privacy-focused companies like Zcash have gained popularity for their ability to conceal transaction details, with one Nasdaq-listed company acquiring a significant amount of ZEC and driving up its price by 469% in a month, indicating a growing recognition of the value of privacy among investors.
