Just six months after raising a $350 million Series C funding round, the artificial intelligence data training startup Mercor is facing a severe crisis. The company, valued at $10 billion, confirmed on March 31, 2026, that it suffered a massive cyberattack. The Mercor data breach exposed roughly 4 terabytes of sensitive information, triggering contractor lawsuits and prompting major clients to indefinitely pause their contracts.
The breach did not originate directly within Mercor’s internal systems. Instead, it resulted from a supply chain attack on LiteLLM, a popular open-source artificial intelligence gateway downloaded 95 million times per month. The incident highlights the fragile nature of the artificial intelligence supply chain and has raised serious trust concerns among enterprise customers.
How the Supply Chain Attack Unfolded
The cyberattack began when the threat actor group TeamPCP exploited a vulnerability in an open-source security scanner called Trivy. By stealing maintainer credentials, the hackers compromised LiteLLM’s publishing pipeline. On March 24, TeamPCP published malicious versions of the LiteLLM software to a public repository.
For approximately 40 minutes, the compromised tool harbored credential-harvesting malware. When Mercor’s systems automatically downloaded the malicious updates, the malware executed immediately. It swept Mercor’s infrastructure, successfully stealing API keys, cloud credentials, database passwords, and SSH keys.
Using these stolen credentials, attackers moved laterally through Mercor’s network. The extortion group Lapsus$, working alongside TeamPCP, claimed responsibility for stealing the data and began threatening to release it.
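The mechanism that hurt Mercor, as the article describes it, was an unattended pull of a freshly published release of a dependency. The following is an added example, not code from Mercor, LiteLLM or the article, of a check a defender can run against a pip requirements file: it flags every dependency that is not pinned to an exact version with an artifact hash, which is what lets pip (run with --require-hashes) refuse a version or artifact that did not exist when the lockfile was generated. The requirement lines are constructed sample input, and the parser assumes one requirement per line.

```python
# Added example: audit a pip requirements file for dependencies that could
# float to a newly published release. Not Mercor's or LiteLLM's code.
import re

# Constructed sample input, not a real lockfile. Only the last line is both
# exactly pinned and hash-locked; the hash itself is a placeholder.
SAMPLE_REQUIREMENTS = """\
# constructed sample requirements
litellm
openai>=1.0
pyyaml~=6.0
requests==2.31.0
httpx==0.27.0 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
"""

# Exact pin: package name, '==' and a version that starts with a digit.
_PIN = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*[0-9][^\s;]*")


def audit_requirements(text: str) -> list[dict]:
    """Return one finding per requirement line that an auto-update could change.

    A line is treated as safe only when it pins an exact version (==) AND
    carries a --hash, so that neither a new version number nor a replaced
    artifact for the same version would be accepted by 'pip --require-hashes'.
    Assumes each requirement is on a single line (no backslash continuations).
    """
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name = re.split(r"[\s=<>!~\[;]", line, 1)[0]
        pinned = _PIN.match(line) is not None
        hashed = "--hash=" in line
        if pinned and hashed:
            continue
        reasons = []
        if not pinned:
            reasons.append("no exact '==' pin: a newly published version would be installed")
        if not hashed:
            reasons.append("no --hash: a replaced artifact for this version would be accepted")
        findings.append({"package": name, "line": line, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{finding['package']}: " + "; ".join(finding["reasons"]))
```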
The Scope of the Stolen Data
The volume and sensitivity of the exposed information make the Mercor data breach particularly severe. Lapsus$ claims to have obtained 4 terabytes of data, which reportedly includes 939 gigabytes of platform source code and a 211-gigabyte user database.
The hackers allegedly stole 3 terabytes of video interview recordings and identity verification documents. The breach exposed the personal data of more than 40,000 independent contractors, including addresses and Social Security numbers. Internal Slack communications and ticketing data were also compromised.
Mercor provides bespoke, human-generated training data to teach reasoning to artificial intelligence models. Consequently, the breach may have exposed proprietary training methodologies, data selection criteria, and labeling protocols belonging to frontier laboratories like Meta and OpenAI. The potential leak of this state-of-the-art training data has been described by industry leaders as a major national security issue.
Contractors File Multiple Lawsuits
Following the incident, affected contractors filed at least five lawsuits against Mercor in federal courts across California and Texas. The plaintiffs accuse the company of negligence, violating data privacy laws, and failing to protect consumer information.
The lead case alleges that Mercor failed to implement standard cybersecurity measures such as multi-factor authentication. Another plaintiff, NaTivia Esson, stated she provided her personal information on tax forms expecting the company to use reasonable safeguards. The lawsuits seek unspecified financial compensation for the victims. While Mercor has declined to comment on the litigation, a lead generation website called MercorClaims.com has already launched to attract potential plaintiffs.
The Delve Technologies Compliance Scandal
Complicating the legal landscape, one contractor lawsuit also targets Berrie AI, the creator of LiteLLM, and Delve Technologies, a compliance startup. Delve had previously issued security certifications for LiteLLM.
However, an anonymous whistleblower recently exposed Delve for allegedly running a fake compliance operation. The whistleblower claimed Delve generated pre-written audit reports and fake security evidence for clients. Following these revelations, Y Combinator expelled Delve from its accelerator, and LiteLLM dropped the firm to work with a different auditor. Mercor confirmed it was never a customer of Delve Technologies.
Major Clients Halt Operations
The business fallout from the cyberattack has been swift. Meta, which relies on Mercor for proprietary training data, has indefinitely suspended all work with the contractor while investigating the incident. This pause has left Mercor’s gig workers unable to log hours.
OpenAI confirmed it is investigating how its proprietary training data may have been exposed but has not yet paused its active projects with Mercor. Even so, reports indicate that Mercor is losing other enterprise clients who are migrating to competitors. Before the attack, Mercor was reportedly on pace to generate over $1 billion in annualized revenue. Now, the startup must navigate mounting legal battles and a mass exodus of customers as it fights to survive this critical security failure.
