Mercor Data Breach Exposes Candidate Info, Prompts Client Pauses and Lawsuits
A hacker group claimed 4TB of stolen data from Mercor, the $10B AI startup, triggering Meta contract pauses and five contractor lawsuits.

A hacker group's claim to have stolen roughly 4 terabytes of data from Mercor, the $10 billion AI data-training startup, has set off a cascade of contract freezes, investigations, and lawsuits that now threaten the company's standing at the center of the AI supply chain.
Mercor acknowledged the breach on March 31, 2026, roughly ten days before the full scope of the fallout became public. The incident traced back to a compromised build of LiteLLM, a widely used open-source library that gives applications a single interface to many LLM providers. For approximately 40 minutes, that build reportedly carried credential-harvesting malware: code that silently collects credentials from the machines on which the package is installed. Those stolen credentials were then allegedly used to move deeper into Mercor's infrastructure, potentially exposing candidate profiles, personally identifiable information, employer data, source code, and API keys.
The commercial consequences arrived quickly. Meta paused its contracts with Mercor, according to sources cited by Wired. OpenAI confirmed it was investigating possible exposure, though it had not paused contracts as of this reporting. That two of the most prominent names in AI model development were caught in the fallout reflects the degree to which Mercor had embedded itself in the industry's training data pipeline.
Five Mercor contractors have already filed lawsuits alleging that their personal data was exposed. The legal filings add a human dimension to what might otherwise read as a corporate infrastructure incident: the workers who performed labeling, annotation, and evaluation tasks now face the prospect of their personal information circulating beyond the company's control.

Mercor said it was investigating and committed to "continue to communicate with our customers and contractors directly as appropriate and devote the resources necessary to resolving the matter as soon as possible." The company declined to comment further.
The technical vector at the heart of the incident carries implications well beyond Mercor. A malicious build of a popular open-source tool, active for less than an hour, was sufficient to compromise credentials at a company valued at $10 billion. That sequence illustrates how software supply chain vulnerabilities propagate through the AI ecosystem: a widely distributed open-source component becomes the entry point, and the downstream damage spans contractors, enterprise customers, and the proprietary training data that model developers treat as their most guarded assets. A 40-minute window is far too short for any after-the-fact vendor review to catch; the controls that matter are preventive, such as installing only artifacts whose hashes were recorded when the dependency was vetted, and limiting what a credential on a build or developer host can reach if it is stolen. Whether the industry's vendor governance practices are equipped for that is now a question Mercor's clients can no longer defer.
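The defence most directly matched to a briefly published malicious build is artifact hash pinning: the installer refuses any package whose digest differs from the one recorded when the dependency was vetted, which is what pip's --require-hashes mode enforces. The script below is an added example written for this article, not Mercor's or the LiteLLM project's code. It implements that check in plain Python over a hash-pinned lockfile; the package name example-llm-client, its version, and the "wheel" bytes are all constructed for the demonstration.

```python
"""Verify fetched package artifacts against a hash-pinned lockfile.

Added example, not code from Mercor or LiteLLM. Shows why recording an
artifact's sha256 at vetting time defeats a swapped build: the malicious
artifact carries the same name and version but a different digest.
All names, versions and byte strings here are constructed.
"""
import hashlib
import re
from dataclasses import dataclass

# One requirement per line in the shape pip accepts for --require-hashes:
#   name==version --hash=sha256:<64 hex chars> [--hash=sha256:...]
# (pip-compile emits backslash continuations; this example assumes they
# have been joined onto a single line.)
LOCK_LINE = re.compile(
    r"^(?P<name>[A-Za-z0-9_.\-]+)==(?P<version>\S+)"
    r"(?P<hashes>(?:\s+--hash=sha256:[0-9a-f]{64})+)\s*$"
)


def normalize(name: str) -> str:
    """PEP 503 name normalization: lowercase, runs of -_. become one dash."""
    return re.sub(r"[-_.]+", "-", name).lower()


@dataclass(frozen=True)
class Pin:
    name: str
    version: str
    sha256: frozenset  # several digests allowed, one per platform wheel


def parse_lockfile(text: str) -> dict:
    """Parse hash-pinned requirements; reject any pin that lacks a hash.

    A version-only pin would accept a re-published artifact of the same
    version, which is exactly the case hash pinning exists to catch.
    """
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = LOCK_LINE.match(line)
        if not m:
            raise ValueError(f"unhashed or malformed pin: {line!r}")
        digests = frozenset(re.findall(r"sha256:([0-9a-f]{64})", m["hashes"]))
        key = normalize(m["name"])
        pins[key] = Pin(key, m["version"], digests)
    return pins


def verify_artifact(pins: dict, name: str, version: str, data: bytes) -> bool:
    """True only if name/version is pinned and data hashes to a pinned digest."""
    pin = pins.get(normalize(name))
    if pin is None or pin.version != version:
        return False
    return hashlib.sha256(data).hexdigest() in pin.sha256


def make_lockfile(name: str, version: str, artifacts: list) -> str:
    """Record digests of vetted artifacts (what pip-compile --generate-hashes does)."""
    hashes = " ".join(
        f"--hash=sha256:{hashlib.sha256(a).hexdigest()}" for a in artifacts
    )
    return f"{name}=={version} {hashes}\n"


# Constructed stand-ins for a vetted wheel and a tampered rebuild of the
# same version that adds a credential-collecting payload.
GOOD_WHEEL = b"PK\x03\x04 constructed example_llm_client-1.2.3 wheel contents"
TAMPERED_WHEEL = GOOD_WHEEL + b"\nimport os; send(os.environ)  # constructed\n"
LOCKFILE = make_lockfile("example-llm-client", "1.2.3", [GOOD_WHEEL])


def demo() -> dict:
    """Run the check against the vetted, tampered and unpinned cases."""
    pins = parse_lockfile(LOCKFILE)
    try:
        parse_lockfile("example-llm-client==1.2.3\n")  # version-only pin
        unhashed_rejected = False
    except ValueError:
        unhashed_rejected = True
    return {
        "vetted": verify_artifact(pins, "example_llm_client", "1.2.3", GOOD_WHEEL),
        "tampered": verify_artifact(pins, "example_llm_client", "1.2.3", TAMPERED_WHEEL),
        "wrong_version": verify_artifact(pins, "example-llm-client", "1.2.4", GOOD_WHEEL),
        "unhashed_rejected": unhashed_rejected,
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:18} -> {'accept' if ok else 'reject'}")
```

The point of the tampered case is that the attacker controls the name and version string but not the digest the vetting step recorded; a malicious build published under an existing version fails the check, and a new version fails because it is not pinned at all. Hash pinning does not protect a machine that vets and pins the malicious build itself, which is why a deliberate delay before adopting fresh releases is the usual companion control.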

