A class action lawsuit has been filed against SunTrust Bank, over the data breach that left information for 1.5 million of its customers exposed.
The complaint filed at the U.S. District Court for the Northern District of Georgia said the Atlanta-based company failed to secure and safeguard customers personal and highly private information, and for failing to provide timely, accurate and adequate notice to its customers that their information had been compromised.
“The compromise was the inevitable result of SunTrust’s inadequate approach to data security and the protection of the PII (personal identifying information) that it collected during the course of its business,” the complaint filed by Morgan and Morgan attorneys read in part.
The complaint seeks damages for an amount to be determined, attorney fees besides asking for a jury trial.
“We have heightened our monitoring of accounts, increased other security measures, and are offering identity theft protection services at no cost to our consumer banking clients,” said a SunTrust spokesperson in response to the lawsuit.
While acknowledging the breach in April, the company maintained that the personal identifying information of its customers, such as social security numbers, account numbers, PIN, User ID's, password, or driver's license information was not compromised. A former employee, who the company did not identify, allegedly accessed the information with the intent of sharing it with a criminal third party.
SunTrust's breach followed several other high profile breaches including the 2017 Equifax breach that impacted information for 145 million customers and the 2014 Home Depot breach.