Last week, Mercor was impacted by a supply chain attack, which allegedly resulted in major data theft.
Mercor is an AI recruiting company that works with multiple AI companies, such as OpenAI and Meta
Photo Credit: Reuters
Meta has reportedly paused all work with artificial intelligence (AI) recruitment company Mercor after the company was hit by a cyberattack last week. As per the report, the Menlo Park-based tech giant was among the biggest clients of the startup that hires subject matter experts to validate and run quality analysis on large language models' output. The cyberattack suffered by Mercor allegedly resulted in a large-scale data breach, and a group claimed to have stolen hundreds of gigabytes of data from the company. Mercor is currently investigating the incident.
According to a Wired report, the tech giant has decided to pause all work with Mercor after the security incident. Citing two unnamed sources familiar with the matter, the publication claimed that the pause is indefinite, and other major AI companies are also reevaluating their work with the AI recruitment firm after the cyberattack.
Mercor, founded in 2023, is an AI recruitment company that hires domain experts. The company has partnered with several AI companies, such as Anthropic and OpenAI, and runs quality checks on the responses generated by their LLMs. Most AI companies outsource such work to both validate the performance of their AI models and to help improve their responses. The startup raised $350 million (roughly Rs. 3,257 crore) in its Series C funding round in October 2025, at a valuation of $10 billion (roughly Rs. 93,067 crore).
In a statement, the company said that it had identified that it was one of the many companies impacted by a supply chain attack that involved LiteLLM. “We are conducting a thorough investigation supported by leading third-party forensics experts. We will continue to communicate with our customers and contractors directly as appropriate and devote the resources necessary to resolving the matter as soon as possible,” it added.
Meanwhile, cybercrime tracker Dark Web Informer shared a screenshot of the home page of the LAPSUS$ Group, highlighting that the cyberattackers took responsibility for the attack. The group allegedly claimed that it had stolen nearly 4TB of data, which includes 211GB of database, 939GB of source code, and 3TB of bucket data. It is allegedly now auctioning the data. The validity of the claims could not be verified.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.