SEC Launches Investigation Into iLearningEngines’ $250,000 Cyberattack Incident

iLearningEngines, a Maryland-based AI training software provider, has been affected by a cyberattack involving a business email compromise (BEC) scheme that resulted in a $250,000 loss for the company. The attackers also deleted several emails before fleeing. The incident, confirmed in an 8-K filing with the SEC, is under investigation and highlights the growing threat of BEC attacks, which the FBI reports are far more lucrative than ransomware.

In this article, we will discuss the sequence of the BEC attack, analyze the financial and legal impact on learning engines, explore effective strategies to defend against such attacks and explain how Cytopus can assist organizations in mitigating and preventing similar incidents in the future.

BEC Attack

In a regulatory filing, iLearningEngines disclosed that hackers accessed its community, stole the payment of $250,000, and deleted several e-mail messages earlier than the breach became contained. Although external forensic professionals and activating its cybersecurity response plan, the funds have no longer been recovered. BEC attacks like this one are a growing undertaking, with the FBI reporting over $2.9 billion in losses in 2023.

These schemes often target agencies that handle wire transfers, exploiting e-mail bills to govern payments. While businesses can mitigate dangers with robust e-mail protection and quick responses, recuperating stolen finances remains a hard challenge, requiring immediate coordination with banks and cybersecurity experts.

Anatomy of a Business Email Compromise

Financial and Legal Impact

iLearningEngines cautioned investors that the $250,000 loss from a cyberattack may not be the only cost incurred from the incident. However, the company does not expect this to have a material impact on its overall financial performance in 2024, according to its disclosure. “Based on the information available so far, the company believes the cybersecurity incident will have an impact on its operations for the quarter ending December 31, 2024, but does not expect it to have a material impact on its full-year 2024 results.”

The disclosure also highlights the risks involved, including possible legal action, regulatory audits, changes in customer or investor behavior, and management distraction. While iLearningEngines has not ruled out the possibility of legal and regulatory consequences, such developments could exacerbate existing challenges.

The company is already dealing with a class-action lawsuit alleging it misreported its earnings. This lawsuit stems from an August report by Hindenburg Research, which accused the company of inflating its sales. iLearningEngines denies these claims, citing extensive third-party audits conducted by major financial institutions.

In addition, the company recently formed a "Special Committee of the Board of Directors" to independently investigate the allegations. It also delayed releasing its third-quarter 2024 financial results. Following these developments, iLearningEngines’ share price dropped by 53%.

Cyber Security Solutions

Enable Multi-Factor Authentication (MFA)

MFA adds another layer of security by requiring more than just a password to access an account. This makes it more difficult for attackers to steal data or conduct unauthorized transactions.

Use a strong, unique password

Make sure users use strong, unique passwords for each account. Password managers can help store and manage passwords securely, reducing the risk of attacks.

Use Privileged Access Management (PAM)

PAM helps secure accounts with sensitive information. It provides visibility into who is accessing privileged accounts, restricts privileged users, and monitors for unusual activity that may indicate a BEC attack.

Train employees about BEC attacks

Train employees on phishing techniques and how to respond. They should pay attention to warning signs, like fake emails, suspicious searches, and questionable domain names.

Strengthen email security controls

Email authentication protocols (SPF, DKIM, DMARC) should be used to prevent users from receiving phishing emails. Additionally, VPNs and encrypted email security features should be used to protect sensitive information.

How Cytopus Can Help Your Business Defend Against Phishing Attacks

Phishing attacks continue to be a major cybersecurity threat, but Cytopus offers a comprehensive approach to protect your business such as:

1. Employee Training & Awareness: We provide cybersecurity training for different roles in various forms and update cadences.

2. Advanced Threat Detection: Using cutting-edge security monitoring tools, we identify phishing emails and malicious activity in real-time, preventing them from reaching your employees.

3. Incident Response Planning: In the event of a successful phishing attack, we offer post-incident support to investigate, contain, and mitigate the impact, ensuring your business recovers quickly.

4. Email Security Solutions: We implement robust email security measures, including spam filters, encryption, and multi-factor authentication, to block phishing attempts before they reach inboxes.

5. Ongoing Monitoring and Updates: Phishing tactics evolve, so we continuously update your defense systems to ensure they remain effective against new and emerging threats.