Mercor Says It Was Hit By Cyberattack Tied To Compromise Of Open Source LiteLLM Project

Mercor—a name well-known among AI hiring platforms—has found itself grappling with the consequences of a sophisticated supply chain attack, the roots of which trace back to the open source project LiteLLM.

Late Tuesday, Mercor acknowledged to TechCrunch that it had become “one of thousands of organizations” tangled in the aftershock of LiteLLM’s compromise. The incident, intricately linked to the hackers operating under the TeamPCP moniker, unfolded under an even broader shadow: the notorious extortion group Lapsus$ claimed responsibility for targeting Mercor directly, asserting they had breached sensitive company data.

At this stage, the specifics of Lapsus$’ access to Mercor’s information remain a mystery. It is unclear whether the group exploited a vulnerability through TeamPCP’s foray, or if separate methods were used. The exact path the stolen data traveled before landing in Lapsus$’ hands is lost in the thicket of digital subterfuge.

Mercor launched in 2023 with a straightforward ambition: connect companies like OpenAI and Anthropic to top-tier subject matter experts—doctors, researchers, lawyers—all over the globe, including bustling markets in India. By 2025, the startup had transformed from a disruptive newcomer to an industry heavyweight, landing a $10 billion valuation after a massive $350 million Series C investment led by Felicis Ventures—a testament to its influence. At the heart of its business, Mercor claims to handle payments topping $2 million, every day.

Heidi Hagberg, Mercor’s spokesperson, told TechCrunch the company “acted swiftly” to contain and resolve the situation. Her statement was crisp, businesslike, but not without a sense of urgency: “We are running a thorough investigation in partnership with top-tier forensics professionals. Communication with our users and experts will continue as needed. We’re pouring resources into this until it’s ended—period.”

Within hours of the breach, Lapsus$ uploaded a post on its infamous leak site, characteristically brazen. The gang published a sample of the alleged loot—files TechCrunch reviewed closely. In the package were documents referencing internal Slack conversations, snippets of what resembled ticketing logs, and two short video clips, purportedly capturing exchanges between Mercor’s AI interface and its contracted experts. The suggestion was unmistakable: Lapsus$ had managed to grab a window into the operations that Mercor prized most.

When pressed by reporters for more—whether Mercor’s users or contract workers had their personal data swept up, or if the hack was directly tied to Lapsus$’ claims—Hagberg stayed silent. No confirmation, no denial; the only certainty was that the company wasn’t ready to expose the full scope, at least for now.

The seeds of this breach were sown a week earlier. Alert security researchers caught malicious code lurking in a software package from LiteLLM’s popular open-source library—an incident that quickly sent ripples through the developer community. In a span of hours, the code was isolated and cut from the project, but the impact remained unsettling. LiteLLM, after all, is no obscure tool; according to experts at Snyk, its packages are snagged millions of times per day. In response to the incident, LiteLLM announced changes, shifting their compliance partnership from the much-criticized Delve to Vanta, aiming—perhaps belatedly—to shore up trust.

How many companies, beyond Mercor, have fallen victim to echoes of this security lapse? No one can say just yet. The trail is being picked apart by investigators, but the true scope of damage is still hidden in shadow.

As this story unfurls, those watching the tech sector are reminded just how tangled—how fragile—the networks supporting the world’s most innovative companies can be. For Mercor, and many others, the promise and risk of modern connectivity now walk perilously close.