AI Startup Mercor Confirms Cybersecurity Breach, Indicates Supply Chain Attack

Staff Report: PNN
AI-based recruitment platform Mercor confirmed a security incident believed to be linked to a supply chain cyberattack. The breach affected their systems due to the use of the open-source project LiteLLM.

Mercor stated that the attack did not target them exclusively, but “as one among thousands of affected companies.” Preliminary analysis suggests involvement of a hacker group named ‘TeamPsicp’. Another group, Lapsus$, claimed to have accessed some data from Mercor, though details remain unclear.

A company spokesperson said measures were taken promptly to control the situation, with third-party cybersecurity experts assisting the investigation. They assured that communication with customers and stakeholders would continue as necessary.

Samples released by hacker groups claim exposure of Slack-related data, ticketing information, and user conversation videos, though the authenticity and extent of these claims have not been formally confirmed.

The issue surfaced after detection of malicious code in a LiteLLM package last week. Although the code was quickly removed, widespread daily downloads could have exposed many companies. The exact number of affected organizations or any leaked sensitive information remains uncertain. Investigations are ongoing, and specialists note that supply chain attacks pose significant risks in the tech sector, highlighting the need for robust security in open-source software use.