Filed Pursuant to Rule 253(g)(2)

File No. 024-11920

COMMUNITY HERITAGE FINANCIAL, INC.

SUPPLEMENT NO. 2, DATED OCTOBER 26, 2022,

TO THE OFFERING CIRCULAR, DATED SEPTEMBER 28, 2022,

AS SUPPLEMENTED BY SUPPLEMENT NO. 1, DATED OCTOBER 3, 2022

This Supplement No. 2, dated October 26, 2022, supplements the Offering Circular, dated September 28, 2022 (the “Offering Circular”), as supplemented by Supplement No. 1, dated October 3, 2022 (“Supplement No. 1”), of Community Heritage Financial, Inc. (the “Company”), which forms a part of the Offering Statement on Form 1-A (as amended by Post-Qualification Amendment No. 1 (File No. 024-11920)) qualified by the U.S. Securities and Exchange Commission on September 28, 2022. This Supplement No. 2 should be read in conjunction with the Offering Circular and Supplement No. 1. Unless otherwise defined in this Supplement No. 2, capitalized terms used in this Supplement No. 2 shall have the same meaning as set forth in the Offering Circular and Supplement No. 1.

The purpose of this Supplement No. 2 is to provide updated information related to the previously reported data security incident that was reported in Supplement No. 1. Except as specifically set forth in this Supplement No. 2, the Offering Circular and Supplement No. 1 remain unchanged.

On October 1, 2022, the Bank determined there was unauthorized access to a portion of its information technology system. Within hours of the detection of the event, the Bank implemented a series of containment and remediation measures to address the situation. The Bank also launched an investigation and engaged legal counsel, a computer forensic firm and other incident response professionals. In connection with the investigation, the Bank subsequently became aware that the incident impacted files containing certain customer information. The Bank is currently notifying all individuals identified to date, consistent with applicable laws whose information may have been impacted, including Bank customers and others whose information was contained in those files. All impacted individuals will be offered free credit monitoring and identity theft protection services. Currently, the Company does not believe that this data security incident will have a material adverse impact on its financial condition or results of operation.

See “Risk Factors” beginning on page 10 of the offering circular for a discussion of information that should be considered in connection with deciding whether to make an investment. 

The United States Securities and Exchange Commission (the “SEC”) does not pass upon the merits of or give its approval to any securities offered or the terms of the offering, nor does it pass upon the accuracy or completeness of any offering circular or other solicitation materials. These securities are offered pursuant to an exemption from registration with the SEC; however, the SEC has not made an independent determination that the securities offered are exempt from registration.

The date of this Supplement No. 2 to the Offering Circular is October 26, 2022.