Mercor confirms cyberattack tied to LiteLLM compromise as Lapsus$ claims it stole company data

Home » News
Yash Shield
News
Reading time icon 6 min. read

Calendar icon Published on

Mercor has confirmed a security incident, but some of the biggest claims circulating online still need careful framing. The AI recruiting startup told TechCrunch it was affected by the recent LiteLLM supply chain compromise, and said it moved quickly to contain and remediate the incident.

What Mercor has confirmed is a cyberattack linked to the open-source LiteLLM incident. What remains unverified publicly is the full scope of the alleged theft, including the claim by Lapsus$ that it exfiltrated 4TB of data and accessed Mercor through Tailscale. TechCrunch reported that Lapsus$ posted samples that included material referencing Slack and ticketing data, plus videos that appeared to show platform-related conversations, but it also noted that it was not yet clear how the group obtained the data from Mercor.

That distinction matters because your sample states several attacker claims as settled fact. A stronger version should separate Mercor’s official confirmation from Lapsus$’s claims, especially around the alleged 4TB dataset, the exact path of compromise, and the specific contents of the stolen cache.

What Mercor has said so far

TechCrunch reported that Mercor described itself as “one of thousands of companies” affected by the recent LiteLLM compromise, which LiteLLM linked to TeamPCP. Mercor spokesperson Heidi Hagberg told the publication that the company had “moved promptly” to contain and remediate the incident.

Mercor also said it is conducting a full investigation with outside forensics support. Hagberg told TechCrunch that the company is carrying out “a thorough investigation supported by leading third-party forensics experts” and will continue communicating with customers and contractors directly as appropriate.

Those are the cleanest official facts available right now. They confirm the incident and the response, but they do not confirm the full volume of data allegedly stolen or every category of information that threat actors claim to possess.

How LiteLLM fits into the story

LiteLLM disclosed on March 24 that versions 1.82.7 and 1.82.8 published to PyPI were compromised and live for about 40 minutes before PyPI quarantined them. The project says the malicious packages harvested secrets including environment variables, SSH keys, cloud credentials, Kubernetes tokens, and database passwords.

LiteLLM says the issue likely originated from a compromise involving Trivy in its CI/CD security scanning workflow, and that the attackers bypassed official CI/CD workflows to upload malicious packages directly to PyPI. The project later released a new clean version, 1.83.0, through a rebuilt pipeline.

That supply chain attack provides a plausible path into customer environments, including Mercor’s. But a good article should avoid overstating the blast radius unless Mercor or a trusted third party independently confirms what was actually accessed inside Mercor’s systems.

What Lapsus$ claims, and what is still not verified

According to TechCrunch, Lapsus$ claimed responsibility on its leak site and posted a sample of allegedly stolen Mercor data. The publication reviewed the sample and reported that it included material referencing Slack data, ticketing data, and two videos purportedly showing conversations between Mercor’s AI systems and contractors.

That is different from confirming the full attacker narrative. I would not state as fact that Mercor lost 939GB of source code, 211GB of databases, and 3TB of storage buckets unless Mercor, a forensic partner, or another highly credible source confirms those numbers. Right now, those figures appear to come from the threat actor side of the story.

I would also avoid saying Mercor’s breach was “the direct result” of the LiteLLM incident in absolute terms. Mercor has linked the security incident to LiteLLM, but public reporting still leaves room for investigation into the exact path and scope of compromise.

Why this breach matters

Mercor is a high-profile AI recruiting startup that works with major AI companies and contractors in markets including India, according to TechCrunch. The company says it facilitates more than $2 million in daily payouts and was valued at $10 billion after a $350 million Series C in October 2025.

That profile raises the stakes. If contractor identity documents, interview videos, source code, internal communications, or platform data were exposed, the fallout could extend beyond Mercor itself to customers, contractors, and downstream enterprise relationships.

At the same time, the reporting should stay disciplined. The strongest version of this story is not the most dramatic one. It is the one that clearly labels what Mercor confirmed, what LiteLLM confirmed, and what Lapsus$ merely claims.

Confirmed facts vs. unverified claims

ItemStatus
Mercor suffered a security incidentConfirmed by Mercor via TechCrunch
Incident linked to LiteLLM compromiseConfirmed by Mercor via TechCrunch
LiteLLM versions 1.82.7 and 1.82.8 were maliciousConfirmed by LiteLLM
Mercor contained the incident and brought in forensics expertsConfirmed by Mercor via TechCrunch
Lapsus$ claims it stole 4TB of Mercor dataClaimed publicly, not independently verified in full
Tailscale was the exact access pathClaimed in reports, not publicly confirmed by Mercor
Specific breakdown of 939GB source code, 211GB DB, 3TB storage bucketsClaimed, not fully verified publicly

A tighter way to frame the story

A better headline angle is not “Mercor AI confirms 4TB data breach” because Mercor has not publicly confirmed that exact volume. A more accurate framing is that Mercor confirmed a cyberattack linked to LiteLLM while Lapsus$ claims large-scale data theft.

That keeps the article strong and credible. It also protects you from turning attacker marketing into established fact, which happens too often in breach coverage.

Quick takeaways

  • Mercor has confirmed a cyberattack linked to the LiteLLM supply chain incident.
  • Lapsus$ claims it stole 4TB of Mercor data, but that figure has not been fully verified publicly.
  • LiteLLM confirmed that compromised versions 1.82.7 and 1.82.8 were live briefly on PyPI and contained credential-stealing payloads.
  • Mercor says it contained the incident and is investigating with third-party forensics experts.

FAQ

Did Mercor confirm the breach?

Yes. Mercor confirmed a security incident linked to the LiteLLM compromise and said it moved promptly to contain and remediate it.

Did Mercor confirm that 4TB of data was stolen?

Not publicly, based on current reporting. The 4TB figure appears to come from Lapsus$ claims, not from Mercor’s own confirmed statement.

Was LiteLLM really compromised?

Yes. LiteLLM confirmed that versions 1.82.7 and 1.82.8 on PyPI were malicious and later removed.

Has the exact data exposed at Mercor been independently verified?

Only in part. TechCrunch said it reviewed sample data posted by Lapsus$, but the full alleged dataset and its exact contents have not been publicly verified in full.

What is the most accurate way to frame this story?

Mercor confirmed a cyberattack tied to LiteLLM. Lapsus$ separately claims a much larger data theft. That is the cleanest and safest framing with current evidence.

Yash

Yash Shield

I am a Business Analytics student with a strong interest in publishing well-researched and data-driven news articles. I focus on analyzing trends in business, finance, and technology to create clear, accurate, and engaging content for readers. I enjoy transforming complex data and information into simple, meaningful stories that help audiences understand current developments. With analytical thinking and attention to detail, I aim to deliver credible and insightful news that adds real value to readers.

Readers help support VPNCentral. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more

User forum

0 messages