SunTrust Banks has revealed that a former employee tried to download information on nearly 1.5 million clients and share it with a criminal third party.
According to news from Reuters, Chief Executive Officer William Rogers announced the incident during an earnings call with analysts on Friday (April 20).
He said the attempt — which happened six to eight weeks ago — included information such as names and account balances. The company does not believe it involved personally identifiable information, such as Social Security numbers, account numbers, pins, user IDs, passwords or driver’s license numbers.
“We began our own internal investigation, and through that process, approximately six to eight weeks ago, we discovered that the former employee attempted to download client information,” Rogers said.
As of last week, SunTrust does not believe the stolen data has left the bank, although the matter is still under investigation. The company declined to name the location of the branch where the attempted breach took place or the identity of the criminal third party.
Rogers pointed out that the incident was not a data breach, although the employee was not authorized to access that level of information. As a result, the company was reviewing its systems and capabilities.
SunTrust also announced today that it is now offering Identity Protection for all current and new consumer clients at no cost on an ongoing basis. Experian IDnotify will be provided to those who sign up for the service, in addition to existing SunTrust security protocols: ongoing monitoring of accounts, FICO score program, alerts, tools and zero liability fraud protection.
And while the bank said the incident will not result in any material impact to earnings, SunTrust’s shares fell 0.5 percent to $66.69.
“While management appears to be proactively addressing the data issue, we expect a degree of uncertainty to persist as the duration, breadth and financial impact of any related investigations (both internal and external) are not yet known,” Evercore analysts wrote in a client note.