← Back to incidents

Incident · Cyber Criminals

iLearningEngines, Inc. · AILE

Information TechnologyUSAIncident September 30, 2024Filed November 12, 2024
Impact score
Business continuity
Insurance involved
Not disclosed
Filing
8-K · 1.05

Breach taxonomy

Cyber CriminalsAccount TakeoverData ExfilCash EquivalentConfidential BizFinancial FraudInfo Privacy Loss

Summary

iLearningEngines, Inc. discovered a business email compromise (BEC) attack in which an unauthorized actor gained access to the company's systems, misdirected a wire transfer of approximately $250,000, and accessed certain company data. The company notified law enforcement and engaged cybersecurity professionals. The unauthorized access was contained and the company is assessing the full scope of data accessed.

Tagging rationale

ThreatCyber Criminals

Filing describes a business email compromise scheme with a fraudulent wire transfer — a financially motivated criminal attack pattern. The filing states an unauthorized actor caused the misdirection of funds → CYBER-CRIMINALS.

MethodsAccount TakeoverData Exfil

Business email compromise involves unauthorized account access to redirect funds (ACCOUNT-TAKEOVER) combined with access to company data (DATA-EXFIL).

AssetsCash EquivalentConfidential Biz

The attack resulted in misdirection of a $250,000 wire transfer (CASH-EQUIVALENT) and unauthorized access to company data (CONFIDENTIAL-BIZ).

EffectsFinancial FraudInfo Privacy Loss

The wire fraud resulted in financial loss (FINANCIAL-FRAUD) and the unauthorized access to company data constitutes an information privacy/data loss effect (INFO-PRIVACY-LOSS).

Impact

BEC attack with $250K financial loss and data access at a small-cap company; limited confirmed impact and no system outage → score 2.

InsuranceNot disclosed

Filing makes no mention of insurance → null.

Read the original SEC filing excerpt
Item 1.05 Material Cybersecurity Incidents. On or around September 30, 2024, iLearningEngines, Inc. (the Company) discovered that an unauthorized actor had gained access to the Company's information technology environment. The unauthorized actor misdirected a wire transfer of approximately $250,000 and accessed certain Company data. Upon discovery, the Company took immediate steps to contain the incident, notified law enforcement, and engaged cybersecurity professionals. The Company is continuing to investigate the nature and scope of the incident, including the data that was accessed.
View SEC filingBack to database

More in Information Technology

Unknown · November 1, 2025

Logitech International S.A.

Logitech experienced a cybersecurity incident in which an unauthorized third party exploited a zero-day vulnerability in a third-party softw

Unknown · September 20, 2025

BK Technologies Corporation

On approximately September 20, 2025, BK Technologies Corporation detected suspicious activity involving its IT systems and launched an inves

Unknown · August 29, 2025

EVERTEC, Inc.

On August 29, 2025, Sinqia S.A., a Brazilian subsidiary of EVERTEC, Inc., identified unauthorized activity in its Pix real-time payment envi

Unknown · August 25, 2025

Wytec International, Inc.

On August 25, 2025, Wytec International detected that a bad actor had defaced the company website (wytecintl.com); after the company restore