AI recruiting startup Mercor was caught up in a massive supply chain attack that compromised thousands of companies through the popular LiteLLM library. The attack began March 27 when hackers from TeamPCP used stolen credentials to publish malicious versions of LiteLLM on PyPI, where they remained available for 40 minutes.
The Lapsus$ extortion group now claims to have stolen over 4 terabytes of Mercor's data, including candidate profiles, personal information, employer data, video interviews, source code, and VPN credentials. They're reportedly auctioning this information online.
Mercor says it's working with forensics experts to investigate the breach, but hasn't confirmed the extent of the data theft.
Source: Security Week