SunTrust Employee May Have Stolen Data On 1.5 Million Customers – SunTrust To Provide Identity Protection

A former SunTrust employee may have stolen personal data regarding to 1.5 million SunTrust customers. SunTrust has stated the following data may have been accessed: name, address, phone number and certain account balances. They also stated that the potentially stolen contact list did not include: social security number, account number, PIN, User ID, password, or driver’s license information.

Due tot his breach SunTrust will provide identity protection for all current and new consumer clients. They will be providing Experian IDNotify, this includes:

  • Experian 1B Credit Monitoring
  • Annual Experian Credit Report
  • Identify Theft Insurance with up to $1 million reimbursement for covered expenses
  • Identity Restoration Assistance
  • Dedicated Call Center Support
  • Dark Web Monitoring

It’s not clear if the data stolen includes records on previous SunTrust customers or not. SunTrust is only providing the identity protection for existing customers, you’d hope this would be extended to previous customers as well. I suspect lots of readers have SunTrust accounts or have had them in the past due to the regular checking account bonuses they offer. We talk about this everytime a data breach happens, but unless the penalties for data breaches are increased they are going to continue to happen at an alarming rate. Read our guide on what to do in the case of a data breach here.

View Comments (20)

  • Does anyone know if Lightstream customers are included in this? They are listed as a division of SunTrust Bank.

  • Interesting. All my Suntrust activity is online during the summer when I am out of state and mostly automatic bill pays. 2 years ago I had a strange email and decided to check my account. Some guy in Russia had changed all my contact info to his including password, linked my account to Venmo and was taking out $400 a day for several weeks! I finally had it straightened out and I even sent him some nasty emails. Now I check my accounts constantly! I assume the bank ate it since there is no way to go after him.

  • in a few years the scandal will break out that Experian was behind all these hacks in order to generate business for their credit monitoring! obv not serious, but someone can write that Onion headline.

  • Nothing like news of another data terrorist pimping out 1.5m data points to start off Monday.

    Seriously, when will the punishments increase?? The congressional hearings w/Facepalm (err, fbook) accomplished nothing. Kid gloves treatment, none of the congressman were tech savvy enough to get to the heart of the issue.

    Moral of the story—if you wanna get rich quick go pimp some data. And if you’re good enough at it, and you go public, you’re data pimping company will get a good 10x valuation than what your company fundamentals would warrant. That’s how lucrative data pimping is.

    Doc—you and me need to storm capital hill and preach the TRUTH!!

  • Monitor your accounts. I just had my first ever bank account fraud last week and it was a SunTrust account. Oh, and their customer service is abysmal.

    Once the 6 month timeframe passes after receiving my $500 bonus, I will happily dump SunTrust.

    • There was nothing hateful about it. Nothing in it was not about what has happened within the last weekend by someone else who should know better. There was no editorial content or conjecture of my own. None! Hope you are just as engaged in the Twitter world to tamp down the hate emanating from certain someone as you are here.

      But it was off topic and I apologize to doc for it.

      • Because comments are auto approved if that person has left a comment before. Moderating comments is difficult, it's a fine line between censorship and keeping the comments section healthy.

      • It's not Doc's job to moderate every single comment. We are exteremly privileged for him and his team to write the content to keep us updated for potential deals and news the community may be interested in. It is not our right to expect every comment gets moderated by the team the second its posted (this is not a reddit churning referral thread) that has the criteria for that. Its a blog.

        But yes, i'm sure doc or chuck or someone on staff will eventually see it and ban people with those hateful comments.

    • DOC-

      Love your site, but is it really a place for this type of broad-brushed hate being posted under the guise of righteous anger? It offers nothing of value.

      -An independent who didn't vote for Trump

  • Same process different company. Offer free credit monitoring. It's obvious the data is being used as the amount of spam calls and emails that I receive have increased substantially over the years. Just when I block one call I get new ones.

  • That profit though, if he had SSNs etc selling that info on the darkweb with 1.5 million victims easily millions of dollars in gainzz

    • He/she didn't, though. From the post: "...the potentially stolen contact list did not include: social security number..."