SAN FRANCISCO — Accounts for as many as 1.5 million clients at SunTrust Banks may have been compromised after an employee stole client contact lists, the company said Friday.
During an earnings call Friday morning, SunTrust CEO William Rogers said the employee, who has now left the company, was working with a criminal third party when the client contact lists were stolen.
Information about clients that might have been exposed in the breach includes name, address, phone number and certain account balances.
The contact lists did not include personally-identifying information such as Social Security numbers, account number, PIN, user ID, password, or driver's license information, the bank said.
"We apologize to clients who may have been affected by this. We have heightened our monitoring of accounts and increased other security measures. While we have not identified significant fraudulent activity, we will reinforce our promise to clients that they will not be held responsible for any loss on their accounts as a result,” Bill Rogers, SunTrust chairman and CEO, said in a statement.
The Atlanta-based bank said it was working with outside experts and coordinating with law enforcement on the case.
Follow Elizabeth Weise on Twitter: @eweise