US Bank Files 8-K Over Employee's Unauthorized AI Use
CB Financial Services just reported the first incident of its kind to the SEC: not a hack, not an outage, just an in-house AI tool that processed customer names, Social Security numbers, and dates of birth without authorization. Any company letting employees plug ChatGPT or similar tools into sensitive data without clear guardrails should take note. Shadow AI is now a trigger for regulatory disclosure.
practitioners › Incident discovered May 5, deemed material on May 7 due to data volume and sensitivity; no operational disruption reported.
SEC Form 8-K, CB Financial Services, Inc. →