AI training startup Mercor confirms major data breach
Mercor, a $10 billion AI startup, has confirmed a major data breach stemming from a supply chain attack on the open-source LiteLLM library. The incident, detected around late March 2026, exposed about four terabytes of sensitive data, including source code, user databases, video recordings, and personal details like names and Social Security numbers for over 40,000 contractors and customers.
Breach Details
Hackers from the groups TeamPCP and Lapsus$ compromised LiteLLM versions 1.82.7 and 1.82.8 on March 27, 2026, using malicious code to steal credentials and exfiltrate data. Mercor contained the breach quickly, launched third-party forensic probes, and notified affected parties. Leaked materials include Slack chats, ticketing data, AI-contractor videos, 939 GB of code, and a 211 GB user database.
Impact on Partners
Meta paused its collaboration with Mercor indefinitely over risks to AI training methodologies used by clients like OpenAI and Anthropic. OpenAI is investigating but continuing projects, while Anthropic has not commented publicly. The breach raises concerns about proprietary data pipelines shared across AI firms.
A class action lawsuit filed April 1, 2026, by Lisa Gill in California’s Northern District Court accuses Mercor of inadequate cybersecurity and says the breach affects over 40,000 people who are vulnerable to identity theft. Lapsus$ is auctioning the data on dark web forums.
