Incident Overview

  • Date of Report: August 9, 2023
  • Company: Community Trust Bancorp, Inc. (CTBI)
  • Form: 8-K
  • Event Date: Notification received on August 9, 2023

Key Details

  • Incident: On May 31, 2023, Progress Software Corporation disclosed a vulnerability in its MOVEit Transfer tool. CTBI does not use MOVEit internally, but a third-party vendor’s use of MOVEit potentially exposed CTBI’s customer data.
  • Vendor Action: The vendor implemented patches released by Progress Software Corporation.
  • Impact: Potential exposure of customer personal information; ongoing operations of CTBI were not impacted.
  • Response: CTBI collaborated with the vendor to identify and notify potentially affected customers. CTBI expects its cyber insurance to cover many of the costs related to the incident.

Forward-Looking Statements

  • Risks: Statements about the incident’s impact and insurance coverage are forward-looking and subject to risks and uncertainties. Factors include risk factors from CTBI’s Annual Report on Form 10-K and other SEC filings.
  • Obligations: CTBI does not undertake any obligation to update forward-looking statements.

Signature

  • Report signed by Mark A. Gooch, Vice Chairman, President, and CEO, on August 11, 2023.

For more detailed information, you can access the full SEC filing here.