AI Recruiting Firm Mercor Hit by Major Supply Chain Attack
AI startup Mercor hit by supply chain attack via LiteLLM library; data breach includes 4TB of sensitive information now being auctioned.
By Content Team
AI recruiting startup Mercor was caught up in a massive supply chain attack that compromised thousands of companies through the popular LiteLLM library. The attack began March 27 when hackers from TeamPCP used stolen credentials to publish malicious versions of LiteLLM on PyPI for 40 minutes.
The Lapsus$ extortion group now claims to have stolen over 4 terabytes of Mercor's data, including candidate profiles, personal information, employer data, video interviews, source code, and VPN credentials. They're reportedly auctioning this information online.
Mercor says it's working with forensics experts to investigate the breach, but hasn't confirmed the extent of the data theft.
Source: Security Week