Incident Overview
- Date of Report: August 9, 2023
- Company: Community Trust Bancorp, Inc. (CTBI)
- Form: 8-K
- Event Date: Notification received on August 9, 2023
Key Details
- Incident: On May 31, 2023, Progress Software Corporation disclosed a vulnerability in its MOVEit Transfer tool. CTBI does not use MOVEit internally, but a third-party vendor’s use of MOVEit potentially exposed CTBI’s customer data.
- Vendor Action: The vendor implemented patches released by Progress Software Corporation.
- Impact: Potential exposure of customer personal information; ongoing operations of CTBI were not impacted.
- Response: CTBI collaborated with the vendor to identify and notify potentially affected customers. CTBI expects its cyber insurance to cover many of the costs related to the incident.
Forward-Looking Statements
- Risks: Statements about the incident’s impact and insurance coverage are forward-looking and subject to risks and uncertainties. Factors include risk factors from CTBI’s Annual Report on Form 10-K and other SEC filings.
- Obligations: CTBI does not undertake any obligation to update forward-looking statements.
Signature
- Report signed by Mark A. Gooch, Vice Chairman, President, and CEO, on August 11, 2023.
For more detailed information, you can access the full SEC filing here.