U.S. bank disclose security lapse after sharing customer data with AI app

In Brief

Community Bank, which operates successful Pennsylvania, Ohio, and West Virginia, disclosed a cybersecurity incidental that exposed customers’ names, dates of birth, and Social Security numbers.

In an 8-K filing dated May 7 with the U.S. Securities and Exchange Commission, the slope said it detected an vulnerability of customers’ idiosyncratic information owed to the usage of “an unauthorized artificial intelligence-based bundle application.”

The slope said it disclosed the incidental “due to the measurement and delicate quality of the non-public accusation astatine issue.”

It’s unclear precisely what happened, but based connected the connection successful the filing, it appears idiosyncratic moving for Community Bank whitethorn person uploaded lawsuit information to an online AI chatbot, perchance exposing that accusation to the chatbot maker. 

While Community Bank did not disclose however galore customers were affected by the incident, nor what AI exertion was involved, the institution said it is “evaluating the lawsuit information that was affected” and is sending notifications successful accordance with applicable laws. 

Community Bank’s main enforcement John Montgomery did not instantly respond to TechCrunch’s petition for comment.

The Register first reported the information lapse.

Subscribe for the industry’s biggest tech news