Community Bank, which operates in Pennsylvania, Ohio, and West Virginia, reported a cybersecurity incident that exposed customer names, dates of birth, and Social Security numbers.
In an 8-K filing dated May 7 with the U.S. Securities and Exchange Commission, the bank indicated that customer data exposure was due to the use of an unauthorized AI-based software application.
The bank declared the incident due to the volume and sensitive nature of the information involved.
Details of the incident remain unclear, but it seems someone at Community Bank may have uploaded customer data to an online AI chatbot, potentially exposing it to the chatbot’s creator.
Community Bank has not revealed the number of impacted customers or the AI application used but stated it is assessing the affected customer data and notifying as required by law.
Community Bank’s CEO John Montgomery did not respond to TechCrunch’s request for comment.
The Register first reported the security issue.