U.S.-based iLearningEngines, a provider of AI training software for enterprises, has alerted regulators to a cyberattack that allowed hackers to break into its network and steal $250,000 worth of company funds.
In an 8-K regulatory filing on Monday with the U.S. Securities and Exchange Commission, iLearningEngines said it had experienced a “cybersecurity incident” that saw an unnamed threat actor recently access the organization’s network. The company said once inside the company’s network, the hacker “misdirected a $250,000 wire payment,” which iLearningEngines has not been able to recover.
The company did not say exactly when the incident occurred, nor specified the nature of the cyberattack. But, the company’s description of a misdirected wire payment suggests the company fell victim to a business email compromise, or BEC attack, whereby an attacker compromises or manipulates email accounts to steal funds from a company or its employees. BEC scams often target companies that conduct wire transfers, or have suppliers and vendors abroad.
According to the filing, the hacker also deleted a number of email messages and accessed “certain files” on iLearningEngines’ network. The company hasn’t confirmed what files were accessed and has not yet responded to TechCrunch’s questions.
iLearningEngines says it has incurred and “may continue to incur” certain expenses related to the cybersecurity incident, and expects it to have a material impact on its operations during its fiscal quarter ending December 31, 2024. The company said it lost $314 million on revenues of $135 million during its fiscal second quarter.
The company, which describes itself as an “AI-powered learning automation” firm, went public in April 2024, and says it serves over 1,000 enterprise customers.