Community Bank Reports Data Exposure Involving Employee Use of Unauthorized AI Application
Community Bank filed an 8-K with the U.S. Securities and Exchange Commission on May 7, 2026, revealing that an unauthorized artificial intelligence-based software application exposed customers’ names, dates of birth, and Social Security numbers. The Pennsylvania, Ohio and West Virginia bank said it is evaluating the affected data and sending notifications in accordance with relevant laws.
americanbanker.comCommunity Bank disclosed a cybersecurity incident that exposed customers’ names, dates of birth, and Social Security numbers after an employee used an unauthorized artificial intelligence-based software application. U.S. Securities and Exchange Commission dated May 7, 2026.
The bank said the security lapse was due to the use of an “unauthorized” AI software app. Community Bank said it disclosed the incident due to the volume and sensitive nature of the non-public information at issue. It is evaluating the customer data that was affected and is sending notifications in accordance with relevant laws.
TechCrunch reported that Community Bank did not disclose how many customers were affected by the incident, nor what AI application was involved. The bank operates in Pennsylvania, Ohio, and West Virginia. John Montgomery is chief executive of Community Bank.
Montgomery did not immediately respond to a request for comment. The Register first reported the security lapse. TechCrunch posted its story at 9:36 AM PDT on May 12, 2026. The article was written by Lorenzo Franceschi-Bicchierai.
““due to the volume and sensitive nature of the non-public information at issue.” — Community Bank 8-K filing The filing makes clear the bank chose to notify regulators and customers because of the scale and sensitivity of the exposed data even while its internal review continues. No further details on the precise mechanism of the exposure or the identity of the AI tool have been released.”
Key Facts
Story Timeline
3 events- 2026-05-12 09:36 AM PDT
TechCrunch publishes story on the disclosure
1 sourceTechCrunch - 2026-05-07
Community Bank files 8-K with SEC detailing the incident
1 sourceCommunity Bank - Prior to May 7 2026
Community Bank detects exposure of customer data via unauthorized AI app
1 sourceCommunity Bank
Potential Impact
- 01
Customers whose data was exposed will receive formal notifications under relevant state and federal laws
- 02
Incident highlights growing risk of employees uploading sensitive data to third-party AI applications
- 03
Community Bank faces potential regulatory scrutiny and possible litigation over the unauthorized use of customer PII with AI tool
Transparency Panel
Related Stories
EuronewsWorld Urban Forum 2026 Draws 57,000 Participants from 176 Countries
The 13th World Urban Forum concluded with discussions on housing, climate resilience and urban governance. Organisers reported that the sessions informed future strategic priorities.
theverge.comTrump Mobile website still lists T1 phone as American-made
The product page for the T1 phone continues to describe the device as American-made. The Verge reported that the site may conflict with FTC advertising rules. The phone was announced in June 2025.
France 24EU Discusses Readiness for Artificial Intelligence Changes
A France 24 program examined whether European Union policies can address the effects of artificial intelligence. The discussion covered potential impacts across daily life and economic sectors.