The community bank, which operates in Pennsylvania, Ohio and West Virginia, disclosed a cybersecurity incident that exposed customers’ names, dates of birth and Social Security numbers.
In an 8-k filing In a filing with the U.S. Securities and Exchange Commission dated May 7, the bank said it had discovered a risk to customers’ personal data due to the use of an “unauthorized artificial intelligence-based software application.”
The bank said it disclosed the incident “due to the amount and sensitive nature of non-public information at issue.”
It’s unclear what exactly happened, but based on the language of the filing, it appears that someone working for the community bank may have uploaded customer data to an online AI chatbot, potentially exposing that information to the chatbot creator.
While Community Bank did not disclose how many customers were affected by the incident, nor which AI application was involved, the company said it was “evaluating the customer data that was impacted” and sending notifications in accordance with relevant laws.
Community Bank Chief Executive John Montgomery did not immediately respond to TechCrunch’s request for comment.
register first reported Security lapse.
