SunTrust Bank says that a former employee may have attempted to steal information on about 1.5 million customers and pass the data on to a criminal third party.
The American bank's CEO William Rogers says that an internal investigation was begun more than six weeks ago after it emerged that a staffer had attempted to download the client information.
Names, addresses, phone numbers and "certain account balances" may have been exposed, but not personal social security numbers, account numbers, PINs, User IDs, passwords or driver’s license information.
Affected customers are being notified, although no major fraud activity has been spotted. All customers are being offered Experian IDnotify.
Meanwhile, outside help has been brought in to assist with an investigation and SunTrust is reviewing its capabilities and systems.