Thecyberexpress
Mercor Cyberattack Linked to LiteLLM Supply Chain Compromise
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
AI recruiting startup Mercor confirmed it was impacted by a supply chain attack linked to the LiteLLM project, which has affected thousands of organizations. The breach was attributed to the hacking group TeamPCP, with extortion group Lapsus$ claiming to have stolen approximately 4TB of data, including 939GB of source code and sensitive user information. Initial access was reportedly gained through a compromised Tailscale VPN credential. The incident highlights the risks associated with open-source software dependencies, as LiteLLM is widely used across the AI ecosystem. Mercor has initiated a thorough investigation with third-party forensics experts to assess the full extent of the breach. The attack raises significant privacy and regulatory concerns under GDPR and CCPA due to the nature of the exfiltrated data. As investigations continue, the implications for affected organizations remain serious.
Key Points: • Mercor confirmed a breach linked to the LiteLLM supply chain attack affecting thousands. • Lapsus$ claimed to have stolen 4TB of data, including source code and user databases. • The breach originated from compromised Tailscale VPN credentials exploited by TeamPCP.