Cyber Incident Victim: Mercor

Mercor, an AI recruiting startup valued at $10 billion, announced on April 28, 2025 that it had detected anomalous activity in its systems after security researchers at Snyk identified malicious code within the widely used open‑source LiteLLM package earlier that week. The malicious code was removed within hours of its discovery, but the exposure window allowed threat actors to compromise downstream systems that relied on the affected library. Mercor’s internal sources indicated that the anomaly was first noticed on Monday, April 28, and by Tuesday, April 29, the extortion‑focused hacking group Lapsus$ claimed responsibility on its leak site, publishing samples of allegedly stolen data. The compromised information reportedly includes Slack communications, ticketing system records, and video files showing interactions between Mercor’s AI platform and its contractor workforce.

Mercor told TechCrunch that it was one of thousands of companies affected by the LiteLLM supply‑chain compromise, noting that the breach raised concerns about the exposure of contractor data such as professional credentials and payment information, as well as potential disclosure of proprietary AI training material and client details linked to partnerships with firms including OpenAI and Anthropic. Founded in 2023, Mercor connects specialized domain experts—primarily scientists, doctors, and lawyers from India—with AI companies that require high‑quality training data and model validation services, facilitating over $2 million in daily payouts before reaching a $10 billion valuation following a $350 million Series C round led by Felicis Ventures in October 2025. Investigators have traced the initial compromise to a hacking collective known as TeamPCP, which is suspected of having nation‑state ties and a history of sophisticated supply‑chain attacks, while the subsequent data exfiltration and extortion claims have been attributed to Lapsus$, the cybercrime group responsible for earlier high‑profile breaches at NVIDIA, Microsoft and Okta; it remains unclear how Lapsus$ obtained the stolen data from Mercor’s environment.

Mercor spokesperson Heidi Hagberg confirmed that the company is conducting a thorough investigation supported by leading third‑party forensics experts and that it will communicate with customers and contractors as appropriate regarding the incident. The breach has highlighted systemic vulnerabilities in the AI infrastructure ecosystem, showing how a compromise in a foundational open‑source tool like LiteLLM can cascade across thousands of dependent organizations and potentially affect sensitive AI training pipelines. While the dual‑actor involvement—TeamPCP performing the initial supply‑chain intrusion and Lapsus$ claiming the extortion—creates uncertainty about the exact handoff of data, Mercor noted that the incident may have immediate business consequences despite containment efforts, including possible reassessment of data‑sharing arrangements by clients such as OpenAI and Anthropic and heightened risk of contractor attrition due to concerns over personal data safety. The company’s recent $350 million Series C funding provides resources for security remediation and trust‑building initiatives, and regulators may examine whether existing data‑protection frameworks adequately address supply‑chain compromise scenarios.