Mercor startup breached

TechCrunch reports that Mercor — a startup valued at roughly $10 billion — suffered a data breach, compounding recent company challenges. (x.com) The incident raises fresh questions about cybersecurity practices at high‑value infrastructure and services providers. (x.com)

Mercor said on March 31 that it had been hit in a security incident, and nine days later TechCrunch reported that the fallout had already spread to customers, lawsuits, and fresh scrutiny of the company’s business. The startup was valued at $10 billion in October 2025 after raising a $350 million Series C round. (techcrunch.com 1) (techcrunch.com 2)

Mercor sits in a sensitive part of the artificial intelligence supply chain: it recruits and manages experts like doctors, lawyers, and scientists who help train artificial intelligence models for companies including OpenAI and Anthropic. Mercor told TechCrunch it facilitates more than $2 million in daily payouts, which means its systems touch both people data and customer workflow data every day. (techcrunch.com)

The break-in did not start with Mercor’s own code. Mercor said it was caught in a supply-chain attack tied to LiteLLM, an open-source software tool that many artificial intelligence developers use as a kind of adapter between their apps and different model providers. (techcrunch.com) (docs.litellm.ai) LiteLLM said the poisoned software versions were 1.82.7 and 1.82.8, and they were live on March 24, 2026 for about 40 minutes before the Python Package Index quarantined them. Security researchers at Snyk traced the compromise to stolen publishing credentials and said the malicious packages were designed to harvest secrets from infected machines. (docs.litellm.ai) (snyk.io) TechCrunch reported that the malicious code acted like a key thief inside a building lobby: it stole one set of credentials, used those to reach more systems, and then stole more credentials from there. TechCrunch also reported that LiteLLM was downloaded millions of times per day, which is why a 40-minute window was enough to create industry-wide damage. (techcrunch.com 1) (techcrunch.com 2)

An extortion group called Lapsus$ then claimed it had Mercor data and posted samples that TechCrunch reviewed. TechCrunch said the samples appeared to include Slack material, ticketing data, and videos that purportedly showed conversations between Mercor’s artificial intelligence systems and contractors on the platform. (techcrunch.com) By April 9, TechCrunch reported that the claimed haul had grown to 4 terabytes and allegedly included candidate profiles, personally identifiable information, employer data, source code, and application programming interface keys. Mercor did not confirm the authenticity of that full dataset and said it was still investigating with third-party forensics experts. (techcrunch.com 1) (techcrunch.com 2)

The customer reaction was immediate because Mercor does not just handle resumes and invoices. Wired reported that Meta paused its contracts with Mercor indefinitely while it investigated whether training methods and other sensitive information connected to its artificial intelligence work had been exposed. (wired.com) (techcrunch.com) OpenAI told Wired it was investigating its own exposure too, but TechCrunch reported that OpenAI had not paused or ended its contracts at that point. That split response shows the bind for big model makers: Mercor is a vendor, but it is also part of the machinery they use to build products. (wired.com) (techcrunch.com)

The legal trouble arrived just as fast as the customer trouble. Business Insider reported, via syndication, that five Mercor contractors sued within about a week, alleging exposure of data including Social Security numbers, addresses, and interview recordings. (aol.com) This is landing on a company that was already in a fight-heavy stretch. In September 2025, Scale AI sued Mercor and a former Scale employee, alleging confidential customer strategy documents were taken after the employee joined Mercor; Mercor co-founder Surya Midha denied Mercor used Scale trade secrets. (techcrunch.com)

The ugly part is that Mercor’s breach looks less like one company forgetting to lock a door and more like a contractor opening a poisoned package that was delivered to half the neighborhood. Mercor told TechCrunch it was “one of thousands of companies” affected, which is exactly why this story is getting attention far beyond one startup. (techcrunch.com)
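Because the poisoned LiteLLM releases named above (1.82.7 and 1.82.8) were on the index for only about 40 minutes, the practical question for a team is whether any manifest pinned, or could have resolved to, those two versions during that window. The script below is an added example, not code from the article or from the LiteLLM project: it scans a pip manifest (requirements.txt or `pip freeze` output) and reports exact pins to the named versions as well as unpinned or ranged specs that admit them. The sample manifest and its hash value are constructed placeholders.

```python
# Scan a pip manifest for the two LiteLLM releases the article names as poisoned.
import re
POISONED_LITELLM = {"1.82.7", "1.82.8"}  # release numbers quoted in the article
_REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*([^;]*)")
_CLAUSE_RE = re.compile(r"^(==|!=|~=|>=|<=|>|<)\s*([0-9][0-9A-Za-z.]*)$")

def _vt(v):  # '1.82.7' -> (1, 82, 7), so tuple comparison orders releases
    return tuple(int(p) for p in re.findall(r"\d+", v))

def _satisfies(version, op, target):  # one PEP 440-style clause, e.g. '<1.82.7'
    a, b = _vt(version), _vt(target)
    if op == "~=":                              # ~=1.82.0 means >=1.82.0, ==1.82.*
        return a >= b and a[:len(b) - 1] == b[:-1]
    return {"==": a == b, "!=": a != b, ">=": a >= b,
            "<=": a <= b, ">": a > b, "<": a < b}[op]

def poisoned_matches(spec):  # poisoned versions a spec such as '>=1.80,<1.83' admits
    clauses = [_CLAUSE_RE.match(c.strip()) for c in spec.split(",") if c.strip()]
    if any(m is None for m in clauses):         # unparseable clause: report nothing
        return set()
    return {v for v in POISONED_LITELLM
            if all(_satisfies(v, m.group(1), m.group(2)) for m in clauses)}

def classify_requirement(line):
    """(verdict, sorted poisoned versions) for a litellm line, None otherwise."""
    body = line.split("#", 1)[0].strip().rstrip("\\").strip()
    body = re.split(r"\s+--", body)[0]          # drop --hash=... and other options
    if not body or body.startswith("-"):        # blank, -r, -e, --index-url, ...
        return None
    m = _REQ_RE.match(body)
    if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != "litellm":
        return None
    spec = m.group(2).strip()
    hits = poisoned_matches(spec)
    exact = spec.startswith("==") and "," not in spec
    verdict = "ok" if not hits else "PINNED-TO-POISONED" if exact else "COULD-RESOLVE-TO-POISONED"
    return verdict, sorted(hits)

def scan_manifest(text):  # -> [(line_number, verdict, versions)] per litellm line
    rows = ((n, classify_requirement(raw)) for n, raw in enumerate(text.splitlines(), 1))
    return [(n, r[0], r[1]) for n, r in rows if r]

# Constructed sample manifest (not from any real project); the hash is a placeholder.
CONSTRUCTED_MANIFEST = """\
requests==2.31.0
litellm==1.82.8 --hash=sha256:PLACEHOLDER
LiteLLM>=1.80,<1.82.7 ; python_version >= "3.9"
litellm
litellm~=1.82.0
"""
```

A manifest that is "ok" here only says the declared spec excludes those two versions; what was actually installed on a build host during the 40-minute window still has to be checked against the environment itself.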
