Mercor says it was hit by cyberattack tied to compromise of LiteLLM
a day ago
- #Cybersecurity
- #AI
- #Supply Chain Attack
- Mercor, an AI recruiting startup, confirmed it was affected by a security incident related to a supply chain attack via the open source project LiteLLM.
- The hacking group TeamPCP compromised LiteLLM, and the extortion group Lapsus$ claims to have targeted Mercor and accessed its data, though the connection between the two is unclear.
- Mercor, founded in 2023, works with companies like OpenAI and Anthropic to train AI models using domain experts. It has a valuation of $10 billion and makes over $2 million in daily payouts.
- The company moved quickly to contain the incident, launching an investigation with third-party forensics experts and communicating with customers and contractors.
- Lapsus$ shared a sample of allegedly stolen data, including Slack and ticketing references, plus videos of AI system conversations with contractors.
- The LiteLLM compromise involved malicious code in the project's open source package, which was discovered last week and removed within hours. Many companies were affected because the package is widely used.
- LiteLLM has updated compliance processes post-incident, switching from Delve to Vanta for certifications, but the full impact and data exposure are still under investigation.