Opening incident

Loading disclosure

Pulling the filing, breach taxonomy, and impact scoring…

Duke

Blog Incident database Request access

Loading database

Indexing incidents

Fetching SEC-disclosed cyber incidents and Duke's breach taxonomy…

Duke

Blog Incident database Request access

Opening incident

Loading disclosure

Pulling the filing, breach taxonomy, and impact scoring…

iLearningEngines, Inc. Cyber Criminals (2024) | SEC Cybersecurity Incident | Duke Security

Duke

Blog Incident database Request access

← Back to incidents

Incident · Cyber Criminals

iLearningEngines, Inc. · AILE

Information TechnologyUSAIncident September 30, 2024Filed November 12, 2024

Impact score

Business continuity

—

Insurance involved

Not disclosed

Filing

8-K · 1.05

Breach taxonomy

Cyber CriminalsAccount TakeoverData ExfilCash EquivalentConfidential BizFinancial FraudInfo Privacy Loss

Summary

iLearningEngines, Inc. discovered a business email compromise (BEC) attack in which an unauthorized actor gained access to the company's systems, misdirected a wire transfer of approximately $250,000, and accessed certain company data. The company notified law enforcement and engaged cybersecurity professionals. The unauthorized access was contained and the company is assessing the full scope of data accessed.

Tagging rationale

ThreatCyber Criminals

Filing describes a business email compromise scheme with a fraudulent wire transfer — a financially motivated criminal attack pattern. The filing states an unauthorized actor caused the misdirection of funds → CYBER-CRIMINALS.

MethodsAccount TakeoverData Exfil

Business email compromise involves unauthorized account access to redirect funds (ACCOUNT-TAKEOVER) combined with access to company data (DATA-EXFIL).

AssetsCash EquivalentConfidential Biz

The attack resulted in misdirection of a $250,000 wire transfer (CASH-EQUIVALENT) and unauthorized access to company data (CONFIDENTIAL-BIZ).

EffectsFinancial FraudInfo Privacy Loss

The wire fraud resulted in financial loss (FINANCIAL-FRAUD) and the unauthorized access to company data constitutes an information privacy/data loss effect (INFO-PRIVACY-LOSS).

Impact

BEC attack with $250K financial loss and data access at a small-cap company; limited confirmed impact and no system outage → score 2.

InsuranceNot disclosed

Filing makes no mention of insurance → null.

Read the original SEC filing excerpt

Item 1.05 Material Cybersecurity Incidents. On or around September 30, 2024, iLearningEngines, Inc. (the Company) discovered that an unauthorized actor had gained access to the Company's information technology environment. The unauthorized actor misdirected a wire transfer of approximately $250,000 and accessed certain Company data. Upon discovery, the Company took immediate steps to contain the incident, notified law enforcement, and engaged cybersecurity professionals. The Company is continuing to investigate the nature and scope of the incident, including the data that was accessed.

View SEC filing Back to database

Get alerts on new incidents

Drop your email and we’ll let you know when fresh SEC disclosures land in the database. No spam.

More in Information Technology

Unknown · April 13, 2026

Itron, Inc.

Itron was notified on April 13, 2026 that an unauthorized third party had gained access to certain corporate systems. The company activated …

Unknown · November 1, 2025

Logitech International S.A.

Logitech experienced a cybersecurity incident in which an unauthorized third party exploited a zero-day vulnerability in a third-party softw…

Unknown · September 20, 2025

BK Technologies Corporation

On approximately September 20, 2025, BK Technologies Corporation detected suspicious activity involving its IT systems and launched an inves…

Unknown · August 29, 2025

EVERTEC, Inc.

On August 29, 2025, Sinqia S.A., a Brazilian subsidiary of EVERTEC, Inc., identified unauthorized activity in its Pix real-time payment envi…