SunTrust Bank said a former employee may have stolen names, addresses, phone numbers, and account balances of some 1.5 million of its clients.
The employee tried to download the client contact information six- to eight weeks ago in an attempt to provide the data to a criminal from outside the organization, Reuters reports.
SunTrust CEO William Rogers in an earnings call said there was no indication of fraudulant activity using the client information, and it appears the data had not been sent outside the bank.
The bank is now offering free identity protection services to all of its customers for the "potential data threat," according to a press announcement from SunTrust.
"The company became aware of potential theft by a former employee of information from some of its contact lists. Although the investigation is ongoing, SunTrust is proactively notifying approximately 1.5 million clients that certain information, such as name, address, phone number and certain account balances may have been exposed," the bank said in a press statement. "The contact lists did not include personally identifying information, such as social security number, account number, PIN, User ID, password, or driver's license information. SunTrust is also working with outside experts and coordinating with law enforcement."
Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the security track here. Register with Promo Code DR200 and save $200.