Lapsus$ says it breached Mercor's systems. The extortion group posted what looks like internal Slack data and videos showing conversations between the AI recruiting startup's systems and contractors.

Mercor, valued at $10 billion, was also caught in a supply chain attack on LiteLLM, a widely used open source library. The company told TechCrunch it's "one of thousands of companies" affected when hackers inserted malicious code into a LiteLLM package downloaded millions of times daily.

The attack traces back to TeamPCP, which compromised LiteLLM's open source project. Malicious code was caught and removed within hours, but not before spreading. Mercor spokesperson Heidi Hagberg said the company moved fast to contain the incident and brought in third-party forensics experts. She wouldn't confirm whether Lapsus$ was connected or discuss what data might've been taken.

Mercor recruits domain experts like doctors, lawyers, and scientists to train AI models for OpenAI and Anthropic. That's sensitive work. The company processes over $2 million in daily contractor payments, meaning it holds confidential data about how these AI giants build their models. Attackers with access to Mercor's systems could've obtained proprietary training methodologies or partnership details.

Standard security practices didn't catch this. Hacker News commenters noted that SOC 2 compliance failed to detect the malicious-dependency attack. LiteLLM has since switched from compliance startup Delve to Vanta, but that move raised more concerns. The Delve customer list leaked in the attack could now serve as a target list for other hackers.