AI Recruiting Startup Mercor Hit in Massive LiteLLM Supply Chain Attack Affecting Thousands of Companies
Summary
AI recruiting startup Mercor confirms it was hit in a massive supply chain attack on the open-source library LiteLLM, which sees millions of daily downloads. The extortion group Lapsus$ claims responsibility and has shared allegedly stolen data, including Slack conversations and contractor videos, and thousands of other companies may also be compromised.
Key Points
- AI recruiting startup Mercor confirms a security incident linked to a supply chain attack on the open-source LiteLLM project, stating it is one of thousands of companies affected by a compromise tied to a hacking group called TeamPCP.
- Extortion group Lapsus$ claims responsibility for breaching Mercor and shares sample data allegedly including Slack conversations, ticketing data, and videos of contractor interactions, though Mercor declines to confirm whether customer or contractor data was accessed or exfiltrated.
- The LiteLLM compromise, which originated from malicious code discovered in one of its packages, is raising widespread concern due to the library's massive usage, with millions of downloads per day, as investigations into the full scope of affected companies continue.