iLearningEngines, a prominent U.S.-based provider of AI-driven enterprise training software, officially notified regulators of a sophisticated cyberattack that resulted in the theft of $250,000 in company funds. The breach, disclosed this week, highlights the growing vulnerability of AI-tech firms to targeted financial fraud.
The Breach: How the Funds Were Stolen
In an 8-K regulatory filing submitted to the U.S. Securities and Exchange Commission (SEC) on Monday, iLearningEngines confirmed that an unauthorized third party successfully infiltrated its internal network. Once inside, the threat actor managed to misdirect a $250,000 wire payment. To date, the company has been unable to recover the stolen capital.
Suspected Business Email Compromise
While the company has not publicly disclosed the exact date of the incident or the specific technical methodology used by the hackers, the nature of the theft points toward a Business Email Compromise (BEC). In these scenarios, attackers manipulate or hijack email accounts to deceive organizations into authorizing fraudulent wire transfers.
Beyond the financial loss, the intruders deleted a significant volume of internal email communications and accessed sensitive files within the network. The firm has yet to provide a full inventory of which specific documents were exposed during the breach.
Operational and Financial Impact
The cybersecurity incident is expected to have a material impact on iLearningEngines’ operations for the fiscal quarter ending December 31, 2024. The company acknowledged that it has already incurred—and may continue to face—additional expenses related to the investigation and remediation of the attack.
This security setback comes during a challenging financial period for the company. In its fiscal second-quarter results, the firm reported a loss of $314 million against revenues of $135 million.
iLearningEngines, which specializes in “AI-powered learning automation,” went public in April 2024 and currently maintains a client base of over 1,000 enterprise customers. The firm has not yet provided further commentary regarding the status of the investigation.