U.S.-based iLearningEngines, a provider of AI-powered training software for enterprises, has disclosed a significant cybersecurity incident in a regulatory filing with the U.S. Securities and Exchange Commission (SEC), revealing that hackers were able to infiltrate its network and misdirect a wire payment worth $250,000.

The company filed an 8-K report on Monday, stating that it had recently fallen victim to a cyberattack by an unnamed threat actor. According to the filing, the hacker accessed iLearningEngines’ network, where they misdirected a wire transfer of $250,000, a sum the company has not been able to recover.

While the filing does not provide specific details on the timing of the attack or the precise nature of the breach, the description of the misdirected funds suggests that iLearningEngines may have been targeted by a business email compromise (BEC) attack. BEC attacks typically involve attackers gaining control of email accounts to manipulate or intercept wire transfers, often exploiting companies with international suppliers or those that conduct frequent financial transactions.

In addition to the financial loss, iLearningEngines reported that the attacker also deleted a number of emails and accessed "certain files" within the company’s network. However, the company has not disclosed what files were accessed or the scope of the data compromised.

The company has stated that it expects to incur further expenses related to the incident and that the attack may have a material impact on its operations during its fiscal quarter ending december 31, 2024. iLearningEngines, which went public in april 2024, also revealed a substantial loss in its most recent financial results, reporting a loss of $314 million on revenues of $135 million in its fiscal second quarter.

iLearningEngines, which provides AI-powered learning automation solutions, serves over 1,000 enterprise clients. The breach, coupled with the financial losses, is expected to add pressure to the company's operations as it continues to recover from the attack.

While iLearningEngines has not yet provided further details or responded to questions from TechCrunch, the incident underscores the ongoing risks to companies, especially those that rely heavily on electronic transactions and email communication. As cyber threats continue to evolve, businesses are being urged to enhance their cybersecurity defenses, especially against targeted social engineering schemes like BEC attacks, which have grown in sophistication in recent years.

The company's disclosure of the attack adds to the growing list of high-profile breaches involving financial fraud, highlighting the increasing threat that cybercriminals pose to businesses across industries.

As iLearningEngines works to address the fallout from this attack, its ability to recover funds and restore its cybersecurity posture will likely be closely watched by regulators, investors, and customers alike.