ATLANTA–SunTrust Banks has acknowledged that an employee had stolen information related to 1.5 million of its customers.
In a statement, SunTrust said it “became aware of potential theft by a former employee of information from some of its contact lists. Although the investigation is ongoing, SunTrust is proactively notifying approximately 1.5 million clients that certain information, such as name, address, phone number and certain account balances may have been exposed."
Saying it “cares deeply about the privacy and security of client information,” the bank is offering free credit protection services to its customers.
According to SunTrust, the theft of the contact information did not result in any other types of personally identifying information, such as Social Security numbers, account numbers, PINs, user IDs, passwords or driver's license information, being compromised.
The name of the ex-employee involved has not been revealed.
SunTrust further reported it has not received any reports of "significant fraudulent activity" that might indicate that the potentially stolen information has already been monetized by attackers.
SunTrust further said it's also monitoring the 1.5 million clients' accounts, including their FICO scores, for signs of fraud.
"Ensuring personal information security is fundamental to our purpose as a company of advancing financial well-being," SunTrust CEO William Rogers said in a statement.