Mercor confirms breach tied to malicious code in LiteLLM library

In short: Mercor says it was compromised after hackers slipped malicious code into LiteLLM, a widely used open-source software library.

What happened

Mercor, an AI startup valued around $10 billion that supplies training data to major AI companies, confirmed it was affected by a supply-chain attack involving LiteLLM. A supply-chain attack is when criminals tamper with a shared tool that many companies use (like poisoning a common ingredient used in many kitchens).

According to Wired, a hacking group called TeamPCP planted malicious code inside LiteLLM. The goal was to steal credentials, meaning login keys that can unlock other systems, and to spread the compromise to many organizations. Security firm Snyk said the malicious code was found and removed within hours of discovery.

After that initial incident, the extortion group Lapsus$ claimed it specifically targeted Mercor. Lapsus$ said it obtained about four terabytes of data, including source code and database records, and posted samples on its leak site. The samples reportedly included Slack data and internal ticketing information, plus two videos that Lapsus$ said showed conversations between Mercor’s AI systems and contractors. It is still unclear how Lapsus$ got data from the earlier TeamPCP compromise.

Mercor spokesperson Heidi Hagberg said the company moved quickly to contain and fix the issue, and that an outside forensics investigation is underway. Mercor did not answer detailed questions about whether customer or contractor data was accessed or taken.

Why it matters

Mercor works with major AI labs, including OpenAI, Anthropic, and Meta, so a breach could expose sensitive information across the AI industry. Even unconfirmed reports of leaked datasets or details about private AI projects are enough to trigger investigations and pause work, because training data is a core ingredient in how AI models are built.

Source: Wired