[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"kb-article-community-bank-s-sec-8-k-ai-data-breach-how-an-unauthorized-employee-app-exposed-pii-and-rewrote-ai--en":3,"ArticleBody_bAc7lZtXCWtlDDSFTFGvD7e5PKDc2DlL7Fp5LVuBVc":106},{"article":4,"relatedArticles":74,"locale":64},{"id":5,"title":6,"slug":7,"content":8,"htmlContent":9,"excerpt":10,"category":11,"tags":12,"metaDescription":10,"wordCount":13,"readingTime":14,"publishedAt":15,"sources":16,"sourceCoverage":58,"transparency":59,"seo":63,"language":64,"featuredImage":65,"featuredImageCredit":66,"isFreeGeneration":70,"trendSlug":58,"niche":71,"geoTakeaways":58,"geoFaq":58,"entities":58},"6a0a1840e92e33c825da84d5","Community Bank’s SEC 8-K AI Data Breach: How an Unauthorized Employee App Exposed PII and Rewrote AI Risk for Banks","community-bank-s-sec-8-k-ai-data-breach-how-an-unauthorized-employee-app-exposed-pii-and-rewrote-ai-","An employee at Community Bank, a 125‑year‑old regional lender, uploaded customer records—including names, dates of birth, and Social Security numbers (SSNs)—to an unauthorized AI application.[1][2] Days later, the bank filed a Form 8‑K with the SEC, turning a productivity shortcut into a material cybersecurity event.[1][5]  \n\nFor ML, platform, and security engineers in financial services, this is a design failure: missing AI controls, weak guardrails, and workflows that made “shadow AI” the easiest way to get work done.[6][7]\n\nThis article reconstructs the incident, surfaces root causes, and outlines architectures and runbooks to deploy before your own staff reaches for a consumer chatbot.\n\n---\n\n## 1. 
What Happened: Reconstructing the Community Bank AI Breach\n\nCommunity Bank operates in Pennsylvania, Ohio, and West Virginia.[1][2] On May 7, 2026, it filed a Form 8‑K reporting that customer names, dates of birth, and SSNs were exposed via “an unauthorized artificial intelligence-based software application.”[1][3][5]\n\nKey facts from the filing:[1][2][3][4][5]\n\n- Exposure involved non‑public information with SSNs, a top‑risk U.S. identifier.[1][3]  \n- The bank cited the “volume and sensitive nature” of the data as the reason for 8‑K materiality.[1][3][5]  \n- No AI vendor, product, or customer count was disclosed; scope and root cause “remain under investigation.”[1][2][3][4]  \n\nIndustry commentary infers a familiar pattern: a staff member copied non‑public customer data into a public generative AI chatbot, outside any approved tech stack—a classic “shadow AI” scenario.[2][4][6]\n\n💡 **Callout: What made this “AI-driven”?**  \nThis was not a model exploit or training‑data leak. The AI system created new exposure paths—prompt inputs, provider logs, and potential model retention—that a traditional web‑app review would miss.[7][8]\n\nIn current AI security practice, regulators and practitioners treat:[7][8][9]\n\n- Prompt inputs as data transfers to third‑party processors  \n- Provider logs as long‑lived PII storage  \n- Training pipelines as potential re‑exposure vectors  \n\nWithout controls on these AI‑specific paths, similar incidents become more likely as [large language models](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FLarge_language_model) (LLMs) proliferate.[7][8][9]\n\n---\n\n## 2. Why This Matters: Regulatory, Privacy, and AI-Governance Implications\n\nThe 8‑K shows this was more than a policy violation. 
Management deemed it **material** to investors because of the sensitivity and potential scale of exposed customer data.[1][5]\n\nRelevant trends:[2][3][7][8][9]\n\n- ~68% of organizations using AI reported at least one privacy-related AI incident in the prior year.[9]  \n- Multiple federal and state laws treat SSN exposure as presumptively serious, often requiring notification and remediation.[3]  \n- 13% of organizations reported breaches of AI models or applications in 2025; 97% lacked proper AI access controls.[7]  \n\n📊 **Callout: Why regulators care**  \nCommunity Bank’s case is a realized AI incident where unauthorized use directly violated data‑protection expectations and forced regulatory disclosure.[2] That moves “AI risk” from theory to public record.\n\nTraditional incident‑response plans rarely account for:[7][8]\n\n- Unapproved use of SaaS LLMs  \n- Prompt leakage of confidential or regulated attributes  \n- Vendor log retention and unclear deletion guarantees  \n\nMeanwhile, internal assistants, copilots, and [AI agents](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAI_agent) are often deployed faster than:[7][8][9]\n\n- Role‑based AI access controls  \n- Centralized AI gateways  \n- LLM‑specific vendor‑risk and data‑processing assessments  \n\n⚠️ **High-stakes in financial services**  \nFinancial services concentrate sensitive identifiers and are repeatedly flagged as high‑risk for AI privacy harms.[2][9] A single “helpful” upload can trigger:[1][2][3][5][9]\n\n- Multi‑jurisdictional notifications  \n- Reputational damage and media attention  \n- SEC 8‑K disclosure and investor scrutiny  \n\n---\n\n## 3. 
Root Causes: Shadow AI, Missing Controls, and Human Factors\n\n“Shadow AI” is employee use of commercial AI tools—like public chatbots—outside vendor‑management and security review.[6] The 8‑K narrative points directly at this: internal non‑public data, an unauthorized AI app, and no vetted workflow.[1][6]\n\nObserved weaknesses in similar AI breaches:[7][8][9][10]\n\n- 97% lacked AI‑specific access controls when the breach occurred.[7]  \n- New vulnerability classes (prompt injection, [data exfiltration](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FData_exfiltration) via outputs) were not in design reviews.[8][10]  \n- PII leaked via prompts, logs, and observability pipelines; over‑privileged agents moved data across systems.[8][10]  \n\n💼 **Anecdote from the field**  \nA risk manager at a 30‑person credit union reported analysts pasting full loan files into a consumer LLM to “clean up notes,” despite policy bans. The pressure to move fast outweighed a static PDF policy nobody reread.\n\nPrivacy guidance warns that AI can infer sensitive traits from seemingly benign attributes.[9] When raw identifiers like SSNs and full DOBs are sent to external AI services, harm potential escalates—matching the bank’s focus on the “volume and sensitive nature” of the data.[1][9]\n\nCulture amplifies risk: when leaders loudly promote AI but provide no usable, sanctioned tools, staff will gravitate to public apps.[6]  \n\n⚡ **Callout: Culture is a control surface**  \nIf the fastest way to “use AI” is a public chatbot, shadow AI is an infrastructure problem more than a user problem.[6][7]\n\n---\n\n## 4. 
Architecting Safe AI Use in Banks: Controls, Patterns, and Guardrails\n\n### 4.1 Centralized AI Gateway and Allowlist\n\nA safer baseline is a bank‑controlled AI gateway:[8]\n\n- One internal endpoint for all LLM traffic (UI, SDKs, CLI)  \n- Allowlisted models and vendors only  \n- DLP and PII redaction on prompts  \n- Full prompts\u002Fresponses logged for audit and forensics  \n\nExample high‑level config:\n\n```yaml\nai-gateway:\n  providers:\n    - name: openai-prod\n      allowed_models: [gpt-4.1-mini, gpt-4.1]\n  policies:\n    - name: block-ssn\n      type: pre_prompt\n      action: reject\n      patterns: [\"\\\\b\\\\d{3}-\\\\d{2}-\\\\d{4}\\\\b\"]\n    - name: redact-dob\n      type: pre_prompt\n      action: redact\n      entities: [date_of_birth]\n  logging:\n    pii_safe_logs: true\n    retention_days: 365\n```\n\n💡 **Callout: Make “the right path” the easy path**  \nInternal tools should route to this gateway by default; opening a consumer chatbot should feel like extra work.[6][8]\n\n### 4.2 AI-Specific Access Controls\n\nIncident‑response research finds weak or missing access controls in nearly all AI breaches.[7] For banks:[7][8]\n\n- Enforce role‑based policies for who can send production customer data  \n- Use scoped API keys and per‑team quotas  \n- Separate sandbox experimentation from regulated workloads  \n\n### 4.3 OWASP LLM-Style Mitigations for PII\n\nDrawing on OWASP LLM Top 10 guidance—where prompt injection tops the list—banks should:[8]\n\n- Limit context windows to reduce unnecessary data sharing  \n- Apply output filters to block accidental PII echo  \n- Use pre‑prompt scanners to catch SSNs, full birth dates, and account numbers before the model sees them  \n\n### 4.4 Privacy-by-Design and Vendor Controls\n\nAI privacy checklists for 2026 recommend maintaining an “AI register” that records for each use case:[9]\n\n- Personal data categories processed (SSN, DOB, balances)  \n- Vendors receiving data and the legal basis  \n- Contractual 
terms for retention, training rights, and sub‑processors[9]  \n\n### 4.5 Agentic AI Risks\n\nAgentic systems that read customer records, export logs, or touch credential vaults expand blast radius if misconfigured.[8][10]  \n\nBanks should enforce:[8][10]\n\n- Least privilege for tools (specific tables, not entire databases)  \n- Runtime monitoring of agent actions  \n- Human approval for sensitive steps like exporting PII  \n\n⚠️ **Callout: Agents can recreate the Community Bank scenario at scale**  \nA mis‑scoped agent could continuously summarize daily customer data into a third‑party note‑taking LLM—turning one user’s mistake into ongoing data exfiltration.[2][8][10]\n\n---\n\n## 5. AI Incident Response for Financial Institutions: From Detection to Disclosure\n\nCommunity Bank’s description outlines a lifecycle: discovery of internal misuse, securing information, internal investigation with external cybersecurity advisors, notifications, and ongoing regulatory communication.[1][4] Banks should treat this as a reusable pattern.\n\nThe diagram below summarizes a typical AI incident lifecycle in a financial institution, from the first misuse to remediation and new controls.\n\n```mermaid\n---\ntitle: AI Incident Lifecycle in Financial Institutions\n---\nflowchart LR\n    A[Unauthorized AI use] --> B[PII sent externally]\n    B --> C[AI use detected]\n    C --> D[Investigation & experts]\n    D --> E[Containment & deletion]\n    E --> F[Regulatory assessment]\n    F --> G[SEC 8-K & notices]\n    G --> H[New controls & monitoring]\n\n    classDef danger fill:#ef4444,stroke:#ef4444,color:#ffffff;\n    classDef warning fill:#f59e0b,stroke:#f59e0b,color:#000000;\n    classDef info fill:#3b82f6,stroke:#3b82f6,color:#ffffff;\n    classDef success fill:#22c55e,stroke:#22c55e,color:#000000;\n\n    class A,B danger\n    class C,D info\n    class E,F warning\n    class G,H success\n```\n\nAn AI‑aware incident‑response framework should extend classical playbooks with:[1][7][8]\n\n- 
**Detection:** Telemetry on AI usage (who called which model, with what data classes)  \n- **Analysis:** Prompt‑history review at the gateway; vendor log and retention analysis  \n- **Containment:** Disable offending accounts, revoke keys, and request deletion from providers where contracts allow[1][7]  \n- **Eradication:** Fix misconfigurations, tighten policies, and update training  \n- **Recovery:** Restore AI access under improved controls and monitoring[7]  \n\n📊 **Callout: Many AI breaches are “silent”**  \nAI breaches are often discovered late because telemetry and logging were never instrumented.[7][8] If you cannot answer “what prompts left our network last week,” your incident‑response plan is incomplete.\n\nOnce PII exposure via AI is confirmed","\u003Cp>An employee at Community Bank, a 125‑year‑old regional lender, uploaded customer records—including names, dates of birth, and Social Security numbers (SSNs)—to an unauthorized AI application.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa> Days later, the bank filed a Form 8‑K with the SEC, turning a productivity shortcut into a material cybersecurity event.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For ML, platform, and security engineers in financial services, this is a design failure: missing AI controls, weak guardrails, and workflows that made “shadow AI” the easiest way to get work done.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This article reconstructs the incident, surfaces root causes, and outlines architectures and runbooks 
to deploy before your own staff reaches for a consumer chatbot.\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>1. What Happened: Reconstructing the Community Bank AI Breach\u003C\u002Fh2>\n\u003Cp>Community Bank operates in Pennsylvania, Ohio, and West Virginia.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa> On May 7, 2026, it filed a Form 8‑K reporting that customer names, dates of birth, and SSNs were exposed via “an unauthorized artificial intelligence-based software application.”\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Key facts from the filing:\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Exposure involved non‑public information with SSNs, a top‑risk U.S. 
identifier.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>The bank cited the “volume and sensitive nature” of the data as the reason for 8‑K materiality.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>No AI vendor, product, or customer count was disclosed; scope and root cause “remain under investigation.”\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Industry commentary infers a familiar pattern: a staff member copied non‑public customer data into a public generative AI chatbot, outside any approved tech stack—a classic “shadow AI” scenario.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>💡 \u003Cstrong>Callout: What made this “AI-driven”?\u003C\u002Fstrong>\u003Cbr>\nThis was not a model exploit or training‑data leak. 
The AI system created new exposure paths—prompt inputs, provider logs, and potential model retention—that a traditional web‑app review would miss.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>In current AI security practice, regulators and practitioners treat:\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Prompt inputs as data transfers to third‑party processors\u003C\u002Fli>\n\u003Cli>Provider logs as long‑lived PII storage\u003C\u002Fli>\n\u003Cli>Training pipelines as potential re‑exposure vectors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Without controls on these AI‑specific paths, similar incidents become more likely as \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FLarge_language_model\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">large language models\u003C\u002Fa> (LLMs) proliferate.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>2. Why This Matters: Regulatory, Privacy, and AI-Governance Implications\u003C\u002Fh2>\n\u003Cp>The 8‑K shows this was more than a policy violation. 
Management deemed it \u003Cstrong>material\u003C\u002Fstrong> to investors because of the sensitivity and potential scale of exposed customer data.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Relevant trends:\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>~68% of organizations using AI reported at least one privacy-related AI incident in the prior year.\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Multiple federal and state laws treat SSN exposure as presumptively serious, often requiring notification and remediation.\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>13% of organizations reported breaches of AI models or applications in 2025; 97% lacked proper AI access controls.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>📊 \u003Cstrong>Callout: Why regulators care\u003C\u002Fstrong>\u003Cbr>\nCommunity Bank’s case is a realized AI incident where unauthorized use directly violated data‑protection expectations and forced regulatory disclosure.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa> That moves “AI risk” from theory to public record.\u003C\u002Fp>\n\u003Cp>Traditional 
incident‑response plans rarely account for:\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unapproved use of SaaS LLMs\u003C\u002Fli>\n\u003Cli>Prompt leakage of confidential or regulated attributes\u003C\u002Fli>\n\u003Cli>Vendor log retention and unclear deletion guarantees\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Meanwhile, internal assistants, copilots, and \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAI_agent\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">AI agents\u003C\u002Fa> are often deployed faster than:\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Role‑based AI access controls\u003C\u002Fli>\n\u003Cli>Centralized AI gateways\u003C\u002Fli>\n\u003Cli>LLM‑specific vendor‑risk and data‑processing assessments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚠️ \u003Cstrong>High-stakes in financial services\u003C\u002Fstrong>\u003Cbr>\nFinancial services concentrate sensitive identifiers and are repeatedly flagged as high‑risk for AI privacy harms.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa> A single “helpful” upload can trigger:\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" 
title=\"View source [5]\">[5]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Multi‑jurisdictional notifications\u003C\u002Fli>\n\u003Cli>Reputational damage and media attention\u003C\u002Fli>\n\u003Cli>SEC 8‑K disclosure and investor scrutiny\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Chr>\n\u003Ch2>3. Root Causes: Shadow AI, Missing Controls, and Human Factors\u003C\u002Fh2>\n\u003Cp>“Shadow AI” is employee use of commercial AI tools—like public chatbots—outside vendor‑management and security review.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa> The 8‑K narrative points directly at this: internal non‑public data, an unauthorized AI app, and no vetted workflow.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Observed weaknesses in similar AI breaches:\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>97% lacked AI‑specific access controls when the breach occurred.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>New vulnerability classes (prompt injection, \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FData_exfiltration\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">data exfiltration\u003C\u002Fa> via outputs) were not in design reviews.\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source 
[8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>PII leaked via prompts, logs, and observability pipelines; over‑privileged agents moved data across systems.\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>💼 \u003Cstrong>Anecdote from the field\u003C\u002Fstrong>\u003Cbr>\nA risk manager at a 30‑person credit union reported analysts pasting full loan files into a consumer LLM to “clean up notes,” despite policy bans. The pressure to move fast outweighed a static PDF policy nobody reread.\u003C\u002Fp>\n\u003Cp>Privacy guidance warns that AI can infer sensitive traits from seemingly benign attributes.\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa> When raw identifiers like SSNs and full DOBs are sent to external AI services, harm potential escalates—matching the bank’s focus on the “volume and sensitive nature” of the data.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Culture amplifies risk: when leaders loudly promote AI but provide no usable, sanctioned tools, staff will gravitate to public apps.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>⚡ \u003Cstrong>Callout: Culture is a control surface\u003C\u002Fstrong>\u003Cbr>\nIf the fastest way to “use AI” is a public chatbot, shadow AI is an infrastructure problem more than a user problem.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source 
[7]\">[7]\u003C\u002Fa>\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>4. Architecting Safe AI Use in Banks: Controls, Patterns, and Guardrails\u003C\u002Fh2>\n\u003Ch3>4.1 Centralized AI Gateway and Allowlist\u003C\u002Fh3>\n\u003Cp>A safer baseline is a bank‑controlled AI gateway:\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>One internal endpoint for all LLM traffic (UI, SDKs, CLI)\u003C\u002Fli>\n\u003Cli>Allowlisted models and vendors only\u003C\u002Fli>\n\u003Cli>DLP and PII redaction on prompts\u003C\u002Fli>\n\u003Cli>Full prompts\u002Fresponses logged for audit and forensics\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example high‑level config:\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-yaml\">ai-gateway:\n  providers:\n    - name: openai-prod\n      allowed_models: [gpt-4.1-mini, gpt-4.1]\n  policies:\n    - name: block-ssn\n      type: pre_prompt\n      action: reject\n      patterns: [\"\\\\b\\\\d{3}-\\\\d{2}-\\\\d{4}\\\\b\"]\n    - name: redact-dob\n      type: pre_prompt\n      action: redact\n      entities: [date_of_birth]\n  logging:\n    pii_safe_logs: true\n    retention_days: 365\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>💡 \u003Cstrong>Callout: Make “the right path” the easy path\u003C\u002Fstrong>\u003Cbr>\nInternal tools should route to this gateway by default; opening a consumer chatbot should feel like extra work.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>4.2 AI-Specific Access Controls\u003C\u002Fh3>\n\u003Cp>Incident‑response research finds weak or missing access controls in nearly all AI breaches.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa> For banks:\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source 
[7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enforce role‑based policies for who can send production customer data\u003C\u002Fli>\n\u003Cli>Use scoped API keys and per‑team quotas\u003C\u002Fli>\n\u003Cli>Separate sandbox experimentation from regulated workloads\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>4.3 OWASP LLM-Style Mitigations for PII\u003C\u002Fh3>\n\u003Cp>Drawing on OWASP LLM Top 10 guidance—where prompt injection tops the list—banks should:\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Limit context windows to reduce unnecessary data sharing\u003C\u002Fli>\n\u003Cli>Apply output filters to block accidental PII echo\u003C\u002Fli>\n\u003Cli>Use pre‑prompt scanners to catch SSNs, full birth dates, and account numbers before the model sees them\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>4.4 Privacy-by-Design and Vendor Controls\u003C\u002Fh3>\n\u003Cp>AI privacy checklists for 2026 recommend maintaining an “AI register” that records for each use case:\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Personal data categories processed (SSN, DOB, balances)\u003C\u002Fli>\n\u003Cli>Vendors receiving data and the legal basis\u003C\u002Fli>\n\u003Cli>Contractual terms for retention, training rights, and sub‑processors\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>4.5 Agentic AI Risks\u003C\u002Fh3>\n\u003Cp>Agentic systems that read customer records, export logs, or touch credential vaults expand blast radius if misconfigured.\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source 
[10]\">[10]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Banks should enforce:\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Least privilege for tools (specific tables, not entire databases)\u003C\u002Fli>\n\u003Cli>Runtime monitoring of agent actions\u003C\u002Fli>\n\u003Cli>Human approval for sensitive steps like exporting PII\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>⚠️ \u003Cstrong>Callout: Agents can recreate the Community Bank scenario at scale\u003C\u002Fstrong>\u003Cbr>\nA mis‑scoped agent could continuously summarize daily customer data into a third‑party note‑taking LLM—turning one user’s mistake into ongoing data exfiltration.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>5. 
AI Incident Response for Financial Institutions: From Detection to Disclosure\u003C\u002Fh2>\n\u003Cp>Community Bank’s description outlines a lifecycle: discovery of internal misuse, securing information, internal investigation with external cybersecurity advisors, notifications, and ongoing regulatory communication.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa> Banks should treat this as a reusable pattern.\u003C\u002Fp>\n\u003Cp>The diagram below summarizes a typical AI incident lifecycle in a financial institution, from the first misuse to remediation and new controls.\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-mermaid\">---\ntitle: AI Incident Lifecycle in Financial Institutions\n---\nflowchart LR\n    A[Unauthorized AI use] --&gt; B[PII sent externally]\n    B --&gt; C[AI use detected]\n    C --&gt; D[Investigation &amp; experts]\n    D --&gt; E[Containment &amp; deletion]\n    E --&gt; F[Regulatory assessment]\n    F --&gt; G[SEC 8-K &amp; notices]\n    G --&gt; H[New controls &amp; monitoring]\n\n    classDef danger fill:#ef4444,stroke:#ef4444,color:#ffffff;\n    classDef warning fill:#f59e0b,stroke:#f59e0b,color:#000000;\n    classDef info fill:#3b82f6,stroke:#3b82f6,color:#ffffff;\n    classDef success fill:#22c55e,stroke:#22c55e,color:#000000;\n\n    class A,B danger\n    class C,D info\n    class E,F warning\n    class G,H success\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>An AI‑aware incident‑response framework should extend classical playbooks with:\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Detection:\u003C\u002Fstrong> 
Telemetry on AI usage (who called which model, with what data classes)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analysis:\u003C\u002Fstrong> Prompt‑history review at the gateway; vendor log and retention analysis\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Containment:\u003C\u002Fstrong> Disable offending accounts, revoke keys, and request deletion from providers where contracts allow\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Eradication:\u003C\u002Fstrong> Fix misconfigurations, tighten policies, and update training\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recovery:\u003C\u002Fstrong> Restore AI access under improved controls and monitoring\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>📊 \u003Cstrong>Callout: Many AI breaches are “silent”\u003C\u002Fstrong>\u003Cbr>\nAI breaches are often discovered late because telemetry and logging were never instrumented.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa> If you cannot answer “what prompts left our network last week,” your incident‑response plan is incomplete.\u003C\u002Fp>\n\u003Cp>Once PII exposure via AI is confirmed\u003C\u002Fp>\n","An employee at Community Bank, a 125‑year‑old regional lender, uploaded customer records—including names, dates of birth, and Social Security numbers (SSNs)—to an unauthorized AI application.[1][2] Da...","security",[],1364,7,"2026-05-17T19:37:51.886Z",[17,22,26,30,34,38,42,46,50,54],{"title":18,"url":19,"summary":20,"type":21},"Community Bank discloses customer data exposure through an unauthorized AI 
application","https:\u002F\u002Felephas.app\u002Fresources\u002Fcommunity-bank-unauthorized-ai-exposure","Community Bank discloses customer data exposure through an unauthorized AI application\n\nAI Privacy Incident•May 7, 2026\n\nSummary\nOn May 7, 2026, Community Bank, a regional U.S. lender operating in Pen...","kb",{"title":23,"url":24,"summary":25,"type":21},"Community Bank Data Breach Caused by Unauthorized AI Application","https:\u002F\u002Foecd.ai\u002Fen\u002Fincidents\u002F2026-05-12-82db","Community Bank, operating in Pennsylvania, Ohio, and West Virginia, disclosed a data breach after an employee uploaded sensitive customer information—including names, birth dates, and Social Security ...",{"title":27,"url":28,"summary":29,"type":21},"US bank reports itself after slinging customer data at 'unauthorized AI app'","https:\u002F\u002Fwww.theregister.com\u002Fsecurity\u002F2026\u002F05\u002F12\u002Fus-bank-reports-itself-after-ai-customer-data-mishap\u002F5238787","A US commercial bank just tattled on itself to the Securities and Exchange Commission (SEC) for plugging a bunch of customer data into an unauthorized AI application.\n\nCommunity Bank, which operates i...",{"title":31,"url":32,"summary":33,"type":21},"Community Bank customer data exposed via unauthorized AI software","https:\u002F\u002Fwww.scworld.com\u002Fbrief\u002Fcommunity-bank-customer-data-exposed-via-unauthorized-ai-software","According to TechCrunch, Community Bank has disclosed a cybersecurity incident that resulted in the exposure of sensitive customer data, including names, dates of birth, and Social Security numbers, d...",{"title":35,"url":36,"summary":37,"type":21},"US bank discloses security lapse after sharing customer data with AI app","https:\u002F\u002Ftechcrunch.com\u002F2026\u002F05\u002F12\u002Fus-bank-discloses-security-lapse-after-sharing-customer-data-with-ai-app\u002F","Community Bank, which operates in Pennsylvania, Ohio, and West Virginia, disclosed a cybersecurity 
incident that exposed customers’ names, dates of birth, and Social Security numbers.\n\nIn an 8-K filin...",{"title":39,"url":40,"summary":41,"type":21},"What is stopping your staff from dumping customer data into AI tools, like Anthropic's Claude or OpenAI's ChatGPT? Earlier this month, Community Bank, a 125-year-old Pennsylvania bank, filed an 8-K… | Jason Mikula | 24 comments","https:\u002F\u002Fwww.linkedin.com\u002Fposts\u002Fjasonmikula_what-is-stopping-your-staff-from-dumping-activity-7461025889791774720-hv2n","What is stopping your staff from dumping customer data into AI tools, like Anthropic's Claude or OpenAI's ChatGPT? Earlier this month, Community Bank, a 125-year-old Pennsylvania bank, filed an 8-K re...",{"title":43,"url":44,"summary":45,"type":21},"AI Incident Response Playbook for LLM and GenAI Breaches","https:\u002F\u002Fbeyondscale.tech\u002Fblog\u002Fai-incident-response-playbook","SB\n\nSandeep B\n\nAI Security Team\n\nApril 2, 2026 17 min read\n\nThirteen percent of organizations reported breaches of AI models or applications in 2025. Of those, 97% lacked proper AI access controls at ...",{"title":47,"url":48,"summary":49,"type":21},"AI Security Best Practices: A Developer’s Guide to Securing LLMs and AI-Powered Applications","https:\u002F\u002Fwww.stackhawk.com\u002Fblog\u002Fai-security-best-practices\u002F","AI Security Best Practices: A Developer’s Guide to Securing LLMs and AI-Powered Applications\n\nMatt Tanner |Mar 17, 2026\n\nWhether we resist it or not, AI is showing up in every application. Customer su...",{"title":51,"url":52,"summary":53,"type":21},"Checklist for AI Privacy Compliance | Hello Operator","https:\u002F\u002Fwww.hellooperator.ai\u002Fblog\u002Fchecklist-ai-privacy-compliance","Privacy compliance for AI is essential for organizations processing personal data. 
This piece outlines why it matters, key risks, and actionable steps to stay compliant with evolving regulations like ...",{"title":55,"url":56,"summary":57,"type":21},"Three ways security teams can effectively deploy Agentic AI","https:\u002F\u002Fwww.scworld.com\u002Fperspective\u002Fthree-ways-security-teams-can-effectively-deploy-agentic-ai","From financial risk management and customer experience to cyber threat detection and software development, Agentic AI has rapidly transformed business. Unlike traditional chatbots or smart assistants,...",null,{"generationDuration":60,"kbQueriesCount":61,"confidenceScore":62,"sourcesCount":61},157027,10,100,{"metaTitle":6,"metaDescription":10},"en","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1532540859745-7b3954001b75?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxjb21tdW5pdHklMjBiYW5rfGVufDF8MHx8fDE3NzkwNDY2NzJ8MA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60",{"photographerName":67,"photographerUrl":68,"unsplashUrl":69},"Joshua Hoehne","https:\u002F\u002Funsplash.com\u002F@joshua_hoehne?utm_source=coreprose&utm_medium=referral","https:\u002F\u002Funsplash.com\u002Fphotos\u002Fdrive-in-banking-signage-LeqCI5v81-c?utm_source=coreprose&utm_medium=referral",false,{"key":72,"name":73,"nameEn":73},"ai-engineering","AI Engineering & LLM Ops",[75,83,91,98],{"id":76,"title":77,"slug":78,"excerpt":79,"category":80,"featuredImage":81,"publishedAt":82},"6a0b38e21234c70c8f160b26","AI-Enabled Zero-Day 2FA Bypass: How to Protect Open-Source Admin Tools from the Next Wave of Attacks","ai-enabled-zero-day-2fa-bypass-how-to-protect-open-source-admin-tools-from-the-next-wave-of-attacks","AI models can now autonomously discover and chain zero-days across large, mature codebases, including OSes, browsers, and core libraries.[2][7]  \nThe lag between disclosure and in‑the‑wild 
exploitatio...","hallucinations","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1638281269990-8fbe0db9375e?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxlbmFibGVkJTIwemVyb3xlbnwxfDB8fHwxNzc5MTQwMzY2fDA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-05-18T16:12:30.729Z",{"id":84,"title":85,"slug":86,"excerpt":87,"category":88,"featuredImage":89,"publishedAt":90},"6a0a9e25e92e33c825daace0","Designing Nvidia-Grade Ising Quantum AI Models for Robust Qubit Calibration","designing-nvidia-grade-ising-quantum-ai-models-for-robust-qubit-calibration","1. Problem Framing: Why Quantum Calibration Needs Ising-Aware AI on NVIDIA Stacks\n\nModern quantum devices depend on continuous calibration: qubit frequencies, amplitudes, and pulses drift on minute–ho...","safety","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1716967318503-05b7064afa41?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxkZXNpZ25pbmclMjBudmlkaWF8ZW58MXwwfHx8MTc3OTA4MDk2MHww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-05-18T05:09:19.273Z",{"id":92,"title":93,"slug":94,"excerpt":95,"category":80,"featuredImage":96,"publishedAt":97},"6a0a72bde92e33c825daaa40","Nvidia Ising Quantum AI: A Practical Guide to Automating Qubit Calibration and Error Correction","nvidia-ising-quantum-ai-a-practical-guide-to-automating-qubit-calibration-and-error-correction","1. 
Why quantum computing suddenly needs AI-grade calibration\n\nQuantum processors remain blocked by noise: even top devices see errors roughly every 10³ operations, while fault-tolerant systems need ra...","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1716967318503-05b7064afa41?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxudmlkaWElMjBpc2luZyUyMHF1YW50dW0lMjBwcmFjdGljYWx8ZW58MXwwfHx8MTc3OTA4ODAxM3ww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-05-18T02:05:04.241Z",{"id":99,"title":100,"slug":101,"excerpt":102,"category":103,"featuredImage":104,"publishedAt":105},"69fc80447894807ad7bc3111","Cadence's ChipStack Mental Model: A New Blueprint for Agent-Driven Chip Design","cadence-s-chipstack-mental-model-a-new-blueprint-for-agent-driven-chip-design","From Human Intuition to ChipStack’s Mental Model\n\nModern AI-era SoCs are limited less by EDA speed than by how fast scarce verification talent can turn messy specs into solid RTL, testbenches, and clo...","trend-radar","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1564707944519-7a116ef3841c?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxNnx8YXJ0aWZpY2lhbCUyMGludGVsbGlnZW5jZSUyMHRlY2hub2xvZ3l8ZW58MXwwfHx8MTc3ODE1NTU4OHww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-05-07T12:11:49.993Z",["Island",107],{"key":108,"params":109,"result":111},"ArticleBody_bAc7lZtXCWtlDDSFTFGvD7e5PKDc2DlL7Fp5LVuBVc",{"props":110},"{\"articleId\":\"6a0a1840e92e33c825da84d5\",\"linkColor\":\"red\"}",{"head":112},{}]