On January 14, law enforcement officials investigating another matter discovered client information from Branch Banking & Trust Co. (BB&T) in the possession of unauthorized individuals.
Once alerted to the breach, BB&T conducted an internal investigation and discovered that a former employee who had legitimate access to client accounts had abused the access and had sold client signature card information to others for fraudulent purposes. Client information that was sold included names, addresses, Social Security numbers, dates of birth,bank account numbers, driver’s license numbers, and signatures.
The total number of individuals affected was not indicated in the notification (pdf) to the Maryland Attorney General’s Office, but 63 residents of Maryland were affected. The company reports that the former employee was arrested, but as of the March 5 notification, others involved in the criminal ring had not yet been arrested. There was no indication any other BB&T employee was involved.
Several cases of fraud that appear to be the result of the breach had already been reported by the time of the notification.