SunTrust Banks, Inc., is informing 1.5 million customers that their personal information may have been stolen by a bank employee working with an outside criminal party.
On April 20, the Atlanta-based bank, which has total assets of $205 billion and total deposits of $162 billion, announced an ongoing investigation into the potential theft of information from some of its contact lists by an employee who has since left the company. SunTrust is also working with outside experts and coordinating with law enforcement on the investigation.
“SunTrust is proactively notifying approximately 1.5 million clients that certain information, such as name, address, phone number and certain account balances may have been exposed,” bank officials said in a press release. “The contact lists did not include personally identifying information, such as social security number, account number, PIN, User ID, password, or driver’s license information.”
SunTrust Chairman and CEO William Rogers said, during an earnings call, the former employee was working with a criminal third party when the client contact lists were stolen.
“Ensuring personal information security is fundamental to our purpose as a company of advancing financial well-being,” Rogers said in a statement. “We apologize to clients who may have been affected by this. We have heightened our monitoring of accounts and increased other security measures. While we have not identified significant fraudulent activity, we will reinforce our promise to clients that they will not be held responsible for any loss on their accounts as a result.”
Rogers added, “Our priority is protecting our clients and maintaining their trust. Beyond this incident, we want to help all SunTrust clients combat the increasing concern about identity theft and fraud, wherever it may occur.”