AI company tells SEC that $250,000 stolen in cyberattack

Avatar

An artificial intelligence company said a hacker breached its network and stole a $250,000 wire payment in an incident likely to have a material impact on the firm’s bottom line.

iLearningEngines filed an 8-K form with the U.S. Securities and Exchange Commission on Monday notifying the agency of a recent cybersecurity incident. 

“The ongoing investigation has revealed that a threat actor illegally accessed the Company’s environment and certain files on its network, misdirected a $250,000 wire payment, and deleted a number of email messages,” the company explained.  

“The wire payment has not been recovered. When it learned of the incident, which has been contained, the Company activated its cybersecurity response plan and launched an internal investigation.”

iLearningEngines did not say when the incident occurred or was discovered but noted that outside cybersecurity firms have been hired to help with the response and investigation. 

The company added that the expenses associated with the recovery from the incident will have a short-term impact, but they don’t expect it to have a material effect on its yearly results.

“The Company remains subject to various risks due to the incident, including diversion of management’s attention, potential litigation, changes in customer or investor behavior, and regulatory scrutiny,” iLearningEngines said. 

The company, which reported revenues of $135.5 million last quarter, provides automation tools to more than 1,000 companies across several sectors including healthcare, education and retail. 

In recent months, company executives have had to defend their work against accusations that revenue figures have been artificially inflated. A law firm announced a class action lawsuit on Friday alleging the company misled investors. 

The kind of business email compromise experienced by iLearningEngines continues to be a thorny issue for companies around the globe. 

Most schemes target businesses that deal with wire transfers or automated clearing house payments, with the end goal being to get victims to mistakenly send funds to hacker-controlled accounts. 

The FBI said in 2023 that business email compromise accounted for $2.9 billion in losses. The FBI warned last year scammers “are increasingly using custodial accounts held at financial institutions for cryptocurrency exchanges or third-party payment processors, or having targeted individuals send funds directly to these platforms where funds are quickly dispersed.”

In August, about $60 million was stolen from one of the leading suppliers of carbon products after an employee was tricked into making several wire transfers to cybercriminals. A school district in Tennessee was also tricked into handing over millions.

CybercrimeGovernmentIndustryNews BriefsNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Next Post

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Related Posts

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua. "When Hadooken is executed, it drops a Tsunami malware and deploys a crypto miner," security researcher
Avatar
Read More

Embarking on a Compliance Journey? Here’s How Intruder Can Help

Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks demand, making your compliance journey much smoother. Read on to understand how to meet the requirements of each framework to keep your customer data safe. How Intruder
Avatar
Read More