Mercor Hit by Cyberattack Linked to LiteLLM

A cyberattack has targeted Mercor, an AI recruitment startup, connected to a security breach in the open-source project LiteLLM. The attack is linked to the hacking group TeamPCP, which has confirmed gaining access to Mercor’s data.

Mercor Targeted in Attack Related to LiteLLM Project

Founded in 2023, Mercor told TechCrunch that they are “among thousands of companies” affected by the LiteLLM compromise. The hacking group Lapsus$ has also claimed to have targeted Mercor and accessed their data. It remains unclear how Lapsus$ obtained the stolen data from Mercor during TeamPCP’s cyberattack.

Mercor partners with companies like OpenAI and Anthropic to train AI models by recruiting specialized domain experts from various markets, including India. The company handles daily payouts exceeding $2 million and was valued at $10 billion following a $350 million Series C round led by Felicis Ventures in October 2025. Mercor spokesperson Heidi Hagberg confirmed that they have taken steps to address the security breach and are conducting a thorough investigation with external experts. Lapsus$ has shared a sample of the data they claim to have stolen from Mercor, which includes references to Slack data and videos of conversations between Mercor’s AI systems and contractors.

Implications for U.S. Tech Companies

AIny brief analysis: The cyberattack on Mercor highlights how vulnerabilities in open-source projects can impact numerous companies. This incident underscores the importance of robust cybersecurity practices for U.S. tech firms relying on open-source tools. Developers and organizations must remain vigilant in securing sensitive data and regularly auditing third-party software dependencies.

Source: TechCrunch

Read also: StrictlyVC 2026: AI Innovators Gather in San Francisco