Mercor Data Breach: 4TB of Passports, Video Interviews

If you've ever done a video interview for an AI company, this story should make you uncomfortable.

Mercor, a $10 billion AI recruiting startup that works with some of the biggest names in AI — OpenAI, Anthropic, and Meta — just confirmed a massive security breach. Hackers claim to have stolen 4 terabytes of data, and they're auctioning it off on the dark web right now.

Let's break down what happened, what got stolen, and what this means for you.

What is Mercor?

Mercor is a San Francisco-based startup founded in 2023. Their business model is straightforward: they recruit domain experts — doctors, lawyers, scientists, engineers — and connect them with AI companies that need high-quality training data. Think of it as a matchmaking service between human expertise and AI labs.

The platform uses AI-powered video interviews to screen and evaluate candidates. You sit in front of your camera for about 20 minutes, an AI agent asks you role-specific questions, and your responses are recorded, transcribed, and scored. If you're a match, companies can hire you for tasks like RLHF (Reinforcement Learning from Human Feedback), model evaluation, and data labeling.

Mercor claims over $500 million in revenue, facilitates over $2 million in daily payouts, and supports 30,000+ external experts. It's a significant player in the AI data pipeline.

What Happened?

This wasn't a direct hack on Mercor. It was something far more sophisticated — a supply chain attack.

Here's the chain of events:

In late March 2026, a hacker group called TeamPCP compromised the publishing credentials for LiteLLM, a massively popular open-source Python library used by AI developers to connect applications to various AI services. LiteLLM is estimated to be present in about 36% of cloud environments and gets around 97 million monthly downloads.

TeamPCP injected malicious backdoor code into two LiteLLM versions — 1.82.7 and 1.82.8 — and published them to PyPI (Python's package repository). These poisoned versions were available for roughly 40 minutes before being caught. But in those 40 minutes, thousands of organizations automatically downloaded them.

Mercor was one of those organizations.

The malicious code was designed to harvest credentials and establish persistent access to affected systems. Once inside, the attackers could explore victim environments and steal data.

Then things escalated. Lapsus$, a notorious extortion hacking group, partnered with TeamPCP to monetize the access. They specifically targeted Mercor and claim to have exfiltrated the company's entire data trove through their Tailscale VPN.

Think of it this way: instead of breaking into a restaurant, someone poisoned the ingredients at the food factory. Every restaurant using those ingredients got compromised — without ever being directly attacked.

What Data Was Stolen?

According to Lapsus$'s claims, the stolen data totals 4 terabytes and includes:

• 939 GB of platform source code — essentially the complete blueprint of how Mercor's platform works, including its AI matching algorithms and internal systems.
• 211 GB user database — candidate profiles, employer data, user accounts, and credentials.
• 3 TB of storage buckets — this is where it gets personal. This reportedly contains video interview recordings and identity verification documents, including passports and government-issued IDs.
• Slack messages and internal ticketing data — internal company communications.
• Tailscale VPN data — keys and secrets that could potentially provide ongoing access.

TechCrunch reviewed sample data shared by Lapsus$ and confirmed it included material referencing Slack data, ticketing information, and two videos showing conversations between Mercor's AI systems and contractors.

To put 4TB in perspective: that's roughly equivalent to 1,000 hours of video or about 1,000 copies of the Encyclopedia Britannica.

Why the Video Interviews Matter

This is arguably the most troubling part of the breach.

Mercor's platform records video interviews where candidates show their face, speak about their expertise, and demonstrate their knowledge. According to Mercor's own documentation, they retain video/audio recordings and AI-generated transcripts to evaluate candidacy and recommend profiles to employers.

Now combine that with the identity verification documents — passports, government IDs — that candidates submitted during onboarding.

What the hackers potentially have is a complete identity package for thousands of experts: your face on video, your voice, your name, your passport, your resume, your contact information, and your professional expertise. That's not just a data breach. That's an identity theft starter kit.

There's also a long-standing controversy around Mercor's data practices. Many applicants on platforms like Reddit have expressed suspicion that Mercor's interviews are primarily a data collection mechanism, pointing to numerous reports of job offers being "paused indefinitely" right after the interview process. Whether or not those suspicions are justified, this breach dramatically amplifies those concerns.

The Bigger Picture

Mercor is just the tip of the iceberg.

Security researchers at Wiz reported that credentials stolen in the supply chain compromises were quickly validated and used to explore victim environments. Mandiant's CTO Charles Carmakal, speaking at RSA Conference, estimated that over 1,000 SaaS environments were actively dealing with the cascading effects of the TeamPCP attacks — and predicted that number could expand to 10,000 or more.

Researchers at vx-underground estimate that data has been exfiltrated from approximately 500,000 machines across the broader campaign.

TeamPCP isn't working alone either. Reports indicate they're collaborating with multiple extortion and ransomware groups — including Lapsus$, CipherForce, and Vect — to leak data and extort victims at scale.

There are also unconfirmed reports that datasets used by Mercor's clients — OpenAI, Anthropic, Meta — and information about their secretive AI projects may have been compromised. If true, the implications extend far beyond Mercor itself.

What Should You Do?

If you've ever created an account on Mercor or completed a video interview on their platform, here are some steps to consider:

• Monitor your accounts. Watch for any unusual activity on email accounts, financial services, or professional platforms associated with the same credentials.
• Change your passwords. If you used the same password on Mercor as on other services, change them immediately. Use a password manager.
• Enable two-factor authentication on all important accounts.
• Watch for phishing. With detailed personal information in the hands of attackers, targeted phishing attempts become much more convincing.
• Consider identity monitoring. Given that passports and government IDs may be in the stolen data, monitoring for identity fraud is worth the effort.
• Check Mercor's communications. The company says it will be reaching out to affected customers and contractors directly.

The Takeaway

This incident is a stark reminder of two uncomfortable truths about the current AI landscape.

First, the open-source software supply chain — the very foundation that modern AI infrastructure is built on — remains dangerously vulnerable. A 40-minute window of poisoned code was enough to compromise thousands of organizations.

Second, AI platforms that collect deeply personal data — your face, your voice, your identity documents, your professional expertise — carry enormous responsibility. When that data leaks, the consequences for individuals are severe and long-lasting.

Mercor's official position is that interview data is not sold or used to train external AI models, and that they have moved promptly to contain the incident. But for the thousands of experts whose video interviews and identity documents are now potentially circulating on the dark web, those assurances ring hollow.

The AI industry is moving fast. The question is whether security is keeping up.

Sources

• TechCrunch — Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project
• Fortune — Mercor, a $10 billion AI startup, confirms major cybersecurity breach
• The Register — AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack
• Cyber Security News — Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft
• SecurityWeek — Mercor Hit by LiteLLM Supply Chain Attack
• Cybernews — Mercor confirms cyberattack as hackers claim 4TB of critical data
• Mercor Official — AI Interview FAQ & Data Policy