SunTrust says a former employee may have tried to print information on about 1.5 million customers and share it with a "criminal third party."
Chairman and CEO William Rogers Jr. made the announcement Friday as the regional bank released its quarterly earnings.
Rogers said the bank believes the information included names and account balances, but not Social Security numbers, account numbers or passwords. He also said the bank has not identified "significant fraudulent activity" on the accounts.
Rogers said this was discovered "in conjunction with law enforcement." He did not identify or elaborate on the criminal third party.
SunTrust is the 12th-largest US commercial bank by assets, according to the Federal Reserve. The stock was down 3% in premarket trading after the announcement.