Mercor AI Data Leak
A security alert surfaced claiming a 4TB Mercor AI leak containing resumes, interviews and code exposed via Tailscale — a major privacy red flag for candidates using AI hiring platforms. The report underscores real‑world risk in third‑party hiring/data services. (x.com)
Mercor confirmed it was impacted by a security incident tied to the recent LiteLLM supply‑chain compromise, saying it was “one of thousands” of projects affected. (techcrunch.com) Extortion group Lapsus$ claimed possession of roughly 4TB of Mercor data and posted a sample, saying the haul included 939GB of source code, 211GB of database records (resumes and personal data) and nearly 3TB of stored files such as video interviews and KYC documents. (techstartups.com) The attackers asserted they gained full access to Mercor’s Tailscale VPN environment and published Slack/ticketing excerpts plus two videos purportedly showing interactions between Mercor’s AI systems and contractors. (techcrunch.com)
Security analysts linked the incident to a compromised LiteLLM Python package that TeamPCP allegedly modified to harvest credentials, a supply‑chain vector that has affected many downstream users. (cybernews.com)
Mercor was last valued at $10 billion after a Series C announced Oct. 27, 2025, a scale that magnifies the commercial and compliance risks of exposed source code and identity‑verification records. (cnbc.com) Mercor already faces a trade‑secrets legal dispute with Scale AI filed earlier this year, a separate matter that regulators and plaintiffs’ counsel are likely to scrutinize in light of any confirmed PII or KYC exposures. (factually.co)