A Pennsylvania-based bank is disclosing a data breach caused by an unauthorized artificial intelligence software application.
According to a filing with the US Securities and Exchange Commission, Community Bank says the incident earlier this month exposed customer names, social security numbers, and dates of birth.
The bank says it took immediate steps to secure the information and launched an internal investigation with external cybersecurity advisors. The breach did not disrupt operations or customer access to accounts, but due to the volume and sensitive nature of the data, the company determined the event to be material.
The filing comes as a new report from Verizon highlights that shadow AI-employees using unapproved AI tools at work-is now the third most common non-malicious data leakage activity. Frequent use of AI tools by employees has surged from 15% to 45% in a single year.