TL;DR: Mercor is a real $10B AI talent platform. The March 2026 LiteLLM breach leaked 4TB of contractor data. Here is what it means for you.
On March 27, 2026, attackers pushed two poisoned versions of LiteLLM to PyPI. The packages were live for about 40 minutes. That was enough time to compromise Mercor, a $10 billion AI startup that pays contractors $1.5 million every day.
Hackers walked away with about 4 terabytes of data. Meta paused all contracts with Mercor. OpenAI started its own review. A class action lawsuit was filed on April 1, 2026, on behalf of more than 40,000 contractors and customers.
So is Mercor legit? Yes, the company is real. But this breach changes the trust math for both sides of the marketplace. We help startups hire vetted remote engineers every day. Here is our honest take.
Mercor at a Glance
| Topic | Details |
|---|---|
| Company | Mercor.io Corp. |
| Founded | 2022 in San Francisco |
| Valuation | $10 billion (October 2025) |
| Last funding round | $350M Series C, led by Felicis |
| Contractor base | 30,000+ experts |
| Daily payouts | $1.5 million |
| Top customers | OpenAI, Anthropic, Meta, Google |
| Breach date | March 27, 2026 |
| Data exposed | About 4 TB |
| People affected | 40,000+ contractors and customers |
| Status | Active investigation. Class action filed. |
What Mercor Actually Does
Mercor is an AI talent marketplace. It connects subject matter experts with AI labs that need data labeling and model training work. The company uses AI to screen and match candidates.
Its contractors include doctors, lawyers, scientists, and senior engineers. Pay rates often sit between $50 and $150 per hour. That puts Mercor near the top of the AI training pay scale.
Mercor was founded by three Thiel Fellows in 2022. By October 2025, it had raised $350 million in Series C funding at a $10 billion valuation. Investors include Felicis, Benchmark, General Catalyst, and Robinhood Ventures, per CNBC.
So yes. Mercor is a real, well-funded company. It is not a scam. But “legit” and “safe to trust with your ID” are two different questions.
The LiteLLM Supply Chain Attack Explained
The breach did not start at Mercor. It started at LiteLLM, a popular open source library. LiteLLM acts as a gateway between apps and large language models like GPT-4 and Claude. Millions of developers use it.
A threat group called TeamPCP got into LiteLLM's CI/CD pipeline. On March 27, 2026, they used stolen credentials to publish two poisoned versions: 1.82.7 and 1.82.8. Both were live on PyPI for about 40 minutes before being pulled.
Forty minutes was enough. The packages contained credential-stealing code. Any company that auto-installed the update during that window was at risk. Mercor was one of the companies that pulled the bad version into its environment.
According to BankInfoSecurity, the malware harvested API keys, tokens, and cloud credentials. From there, attackers moved through Mercor systems and reached Slack, ticketing tools, source code, and the contractor database.
What Was Actually Stolen
The hacker group Lapsus$ posted a sample of the data. Security researchers believe they worked with TeamPCP. Court filings and the leak listing show this rough breakdown.
| Data Type | Approx. Size | What It Contains |
|---|---|---|
| Video interviews and ID docs | ~3 TB | Recorded AI interviews. Passport and ID scans for identity checks. |
| Platform source code | ~939 GB | Mercor matching code. AI model logic. Internal scripts. |
| User database | ~211 GB | Names, emails, work history, SSNs of 40,000+ people. |
| Slack and ticketing data | Unknown | Internal chats. Customer support logs. Client conversations. |
The video interview cache is the most sensitive part. These recordings show contractors solving real problems for clients like OpenAI and Meta. They may contain proprietary methods. They almost certainly contain faces, voices, and ID documents.
[Chart: Mercor Breach: 4 TB of Stolen Data. Approximate size by data category. Source: court filings, hacker leak listing, BankInfoSecurity.]
Why Meta Paused All Contracts
Meta spends huge amounts on contractor labeling for its Llama models. TechRepublic reports that Meta paused all work with Mercor within days of the disclosure. OpenAI started its own audit at the same time.
For an AI lab, the worry is not just personal data. It is the leaked training methods. Video recordings of contractors solving tasks reveal how labs design their datasets. That is competitive gold for any rival.
This is why supply chain attacks scare big tech more than direct hacks. One library compromise can leak the playbooks of many labs at once. Meta cannot afford that risk while training its next model.
What This Means for Contractors
If you ever applied to Mercor, your data may be in the leak. That includes people who started but never finished an interview. The leaked database holds full names, email addresses, work history, and Social Security numbers for many U.S. contractors.
It also holds video footage of your interviews. Faces. Voices. Maybe screen shares. For some users, ID documents like passports were stored too.
The class action filed by Lisa Gill on April 1, 2026, claims Mercor failed to protect basic data. The complaint asks for damages and free credit monitoring for affected contractors.
We worked with one developer last year who had been on three platforms at once. After a smaller breach on a different platform, he spent six months unwinding fraud charges. The lesson he shared with us was simple. Treat any platform that asks for an ID scan as a high-risk vendor.
What This Means for Employers
If you used Mercor to source contractors, your work product may be in the leak too. Source code reviews, prompts, evaluation rubrics. Any of those could be inside the 4TB.
You should also think about your own legal exposure. If your contractors were on Mercor through you, their personal data is now part of a class action. Your name might come up.
The other risk is talent supply. With Meta on pause, OpenAI auditing, and the press cycle hot, many top contractors will leave Mercor for other platforms. That could disrupt projects mid-sprint.
Quick Risk Self-Check
[Interactive checklist not reproduced here: Are You at Risk From the Mercor Breach?]
How Mercor Compares to Other Hiring Models
Mercor is one of several remote talent models. Each has a different trust profile. Here is how the main options stack up.
| Model | Examples | Hourly Rate | Identity Risk | Best For |
|---|---|---|---|---|
| AI training marketplace | Mercor, Scale AI, Surge | $30 to $150 | High. Heavy ID checks and video interviews. | Short data labeling tasks |
| Open freelance market | Upwork, Fiverr | $15 to $120 | Medium. Mostly profile data. | One-off projects |
| Vetted talent service | Second Talent, Toptal | $30 to $100 | Lower. Vetting done by humans inside the firm. | Long-term embedded engineers |
| Direct hire via EOR | Deel, Remote, Second Talent EOR | Salary based | Lowest. Standard HR data only. | Full-time remote staff |
The key difference is who holds the risk. On a marketplace like Mercor, you give your data to a platform that resells your time to dozens of clients. On a vetted service or EOR setup, the data flow is much smaller and more controlled.
[Chart: Data Trust Score by Hiring Model. Higher score = less personal data exposed per worker. Second Talent estimate based on vendor docs.]
5 Steps Contractors Should Take Right Now
- Freeze your credit at all three U.S. bureaus. It is free and takes 10 minutes per bureau.
- Change passwords on Mercor and any account that shared an email with it. Turn on 2FA.
- Watch for phishing emails that mention Mercor or your interview history. Attackers will use leaked names.
- If you uploaded a passport or driver's license, file an alert with your local fraud agency.
- Join the class action only after reading the terms. Some lawyers will charge a percentage of any settlement.
4 Questions Employers Should Ask Any AI Talent Vendor
- What is your dependency review process? How fast do you patch open source updates?
- Where is contractor video footage stored, and for how long?
- Do you have SOC 2 Type II or ISO 27001? Show the report, not just the badge.
- If you suffer a breach, what is the contractual notice period for clients?
We push these same four questions on every vendor we evaluate when sourcing partners for our clients. They reveal more in 10 minutes than a sales deck does in an hour.
The Bigger Lesson on AI Supply Chain Risk
The Mercor breach is not really a Mercor story. It is an open source supply chain story. The Record notes that thousands of companies installed the bad LiteLLM packages during that 40-minute window.
Most got lucky. The credentials they leaked were not hooked into customer data. Mercor was less lucky. The credentials sitting in the environment where LiteLLM ran had broad access to the rest of its systems.
The fix is not to stop using open source. The fix is to lock down what credentials live next to your AI gateway. Rotate keys often. Use short-lived tokens. Pin package versions. Run package signature checks.
We helped a Series A SaaS client redo their AI stack last quarter. We moved every secret out of the Python runtime and into a separate vault with one-hour tokens. The work took three days. It would have stopped this exact attack.
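The controls above (pin package versions, verify what you install) are easy to state and easy to let slip, so here is a way to check two of them mechanically. The script below is an added example written for this article, not code from Mercor, LiteLLM or Second Talent. It audits a pip requirements or lock file for three things: every dependency pinned to an exact version, every pin carrying a `--hash` entry (which `pip install --require-hashes` then enforces), and no pin matching the two LiteLLM releases the article identifies as poisoned. The sample lock file and its digests are constructed placeholders, not real hashes.

```python
"""Audit a pip requirements/lock file for the supply chain controls
discussed above: exact version pins, --hash entries that
`pip install --require-hashes` will enforce, and a denylist of
known-compromised releases. Added example; not code from any project."""
import re
from typing import Dict, List, Tuple

# The two LiteLLM versions the article names as poisoned (PyPI, March 27, 2026).
KNOWN_BAD = {("litellm", "1.82.7"), ("litellm", "1.82.8")}

# Expected hex length of each digest algorithm pip accepts in --hash.
HASH_LEN = {"sha256": 64, "sha384": 96, "sha512": 128}

NAME_RE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9._-]*)"   # distribution name
    r"(?:\[[^\]]*\])?\s*"               # optional extras, e.g. litellm[proxy]
    r"(===|==|~=|>=|<=|!=|>|<)?\s*"     # version operator, if any
    r"([A-Za-z0-9.*+!-]*)"              # version string, if any
)
HASH_RE = re.compile(r"--hash=(sha256|sha384|sha512):([0-9a-fA-F]+)")

# Constructed sample lock file. The digests are placeholders, not real hashes.
PLACEHOLDER_A = "0" * 64
PLACEHOLDER_B = "a" * 64
SAMPLE_REQUIREMENTS = (
    "# constructed sample lock file; digests are placeholders, not real hashes\n"
    "litellm==1.82.7 \\\n"
    f"    --hash=sha256:{PLACEHOLDER_A}\n"
    "requests>=2.31\n"
    f"httpx==0.27.0 --hash=sha256:{PLACEHOLDER_B}\n"
    "pydantic[email]==2.7.1\n"
)


def _logical_lines(text: str) -> List[Tuple[int, str]]:
    """Join backslash-continued physical lines into one logical requirement,
    tagged with the number of its first physical line for reporting."""
    out: List[Tuple[int, str]] = []
    buf: List[str] = []
    start = 0
    for no, raw in enumerate(text.splitlines(), start=1):
        if not buf:
            start = no
        line = raw.rstrip()
        if line.endswith("\\"):
            buf.append(line[:-1])
            continue
        buf.append(line)
        out.append((start, " ".join(buf)))
        buf = []
    if buf:  # dangling continuation at end of file
        out.append((start, " ".join(buf)))
    return out


def _finding(line_no: int, package: str, severity: str, issue: str) -> Dict[str, object]:
    return {"line": line_no, "package": package, "severity": severity, "issue": issue}


def audit_requirements(text: str) -> List[Dict[str, object]]:
    """Return one finding per control violation, in file order."""
    findings: List[Dict[str, object]] = []
    for line_no, line in _logical_lines(text):
        body = line.split("#", 1)[0].strip()      # drop comments
        if not body or body.startswith("-"):       # blank, or a pip option line (-r, -e, --index-url)
            continue
        match = NAME_RE.match(body)
        if not match:
            findings.append(_finding(line_no, "?", "high", "unparseable requirement"))
            continue
        name = match.group(1).lower().replace("_", "-").replace(".", "-")
        op, version = match.group(2), match.group(3)

        # Control 1: exact pin. Ranges and wildcards let the resolver take whatever
        # the index serves at install time, including a release published minutes ago.
        if op != "==" or not version or "*" in version:
            findings.append(_finding(line_no, name, "high", "not pinned to an exact version"))
        elif (name, version) in KNOWN_BAD:
            findings.append(_finding(line_no, name, "critical", f"{version} is a known-compromised release"))

        # Control 2: hash pin. With --require-hashes, pip refuses any artifact whose
        # digest differs from the one recorded here, even when the version number matches.
        hashes = HASH_RE.findall(body)
        if not hashes:
            findings.append(_finding(line_no, name, "medium", "no --hash; the downloaded artifact is not verified"))
        for algo, digest in hashes:
            if len(digest) != HASH_LEN[algo]:
                findings.append(_finding(line_no, name, "high",
                                         f"malformed {algo} digest ({len(digest)} hex chars, expected {HASH_LEN[algo]})"))
    return findings


def passes_audit(text: str) -> bool:
    """True when the file satisfies all three controls."""
    return not audit_requirements(text)


if __name__ == "__main__":
    for f in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"line {f['line']:>3}  {f['severity']:<8} {f['package']}: {f['issue']}")
```

Run against the sample it reports one critical finding (the poisoned LiteLLM pin) and three lesser ones. One caveat: a hash pin only protects you if the lock file was generated from a release you trust. A CI job that regenerates the lock file on every build would have happily recorded the digest of 1.82.7 during the 40-minute window, which is why the denylist check and a human review of dependency bumps belong alongside it.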
Final Verdict: Is Mercor Legit?
Yes. Mercor is a real company with real funding, real customers, and real payouts. The platform is not a scam. Many contractors have earned good money on it.
But “legit” is not the same as “safe to trust with your passport scan in 2026”. The breach shows that even a $10 billion startup can lose its entire database to a 40-minute supply chain attack. Until Mercor publishes a full post-mortem and adds independent security audits, treat it as a high-risk vendor.
For employers, the smart move is to spread your risk. Do not source all your AI training labor from one platform. Mix in vetted long-term hires, especially in regions like Vietnam and the Philippines, where you can build durable teams without giving every contractor ID to a third party.
For contractors, do not stop earning. Just be careful what you share, where you share it, and how often you check your credit report. The full Meta pause story shows how fast trust can evaporate when one library is compromised.
Hire Smarter with Second Talent
The Mercor breach proves one thing. The way you hire AI talent matters as much as who you hire. We help startups build small, vetted, long-term engineering teams from across Southeast Asia. No 40,000 person marketplace. No mass video interview database. Just the right people, matched by humans who know your stack.
Hire vetted remote AI engineers with Second Talent to build safer, stronger AI teams in 2026.