Community Bank, serving Pennsylvania, Ohio, and West Virginia, reported a cybersecurity breach that compromised customers’ names, birth dates, and Social Security numbers.

In an 8-K report submitted on May 7 to the U.S. Securities and Exchange Commission, the bank indicated that it identified a breach of customers’ personal information as a result of “an unauthorized AI-driven software application.”

The bank stated it made the incident public “due to the magnitude and sensitive nature of the private information involved.”

Although the specifics remain unclear, the wording in the filing suggests that an employee of Community Bank might have uploaded customer information to an online AI chatbot, possibly exposing that data to the developer of the chatbot. 

While Community Bank has not revealed how many customers were impacted by the breach or which AI application was involved, the organization mentioned it is “assessing the customer data that was compromised” and is issuing notifications in line with applicable laws. 

John Montgomery, the CEO of Community Bank, did not promptly respond to TechCrunch’s request for a statement.

The Register was the first to report on the security breach.