SunTrust Banks Inc. said an employee may have stolen the information of about 1.5 million customers and provided it to a “criminal third party,” the latest example of a potential breach that underscores the vulnerability of consumers’ private data.

The Atlanta-based bank on Friday said the employee, who no longer works at SunTrust, attempted to access client information, although it has “not identified significant fraudulent activity” around the accounts involved.

Companies...