Meta and AI Labs Pause Work with Mercor Following Major Security Breach
Meta has indefinitely suspended all projects with data contracting firm Mercor after a significant security breach exposed sensitive systems, according to sources familiar with the matter. The incident has prompted other major AI labs, including OpenAI and Anthropic, to reassess their partnerships with the startup as they evaluate the scope of the compromise.
Mercor specializes in generating proprietary training datasets for leading AI models, such as those powering ChatGPT and Claude, by employing large networks of human contractors. These datasets are closely guarded, as they contain critical insights into AI training methodologies information that could benefit competitors, including labs in the U.S. and China. It remains unclear whether the exposed data would provide a meaningful advantage to rivals.
OpenAI confirmed it is investigating the breach to determine if its proprietary training data was compromised but stated that user data remains unaffected. Anthropic has not yet responded to requests for comment.
Mercor acknowledged the attack in a March 31 internal email, describing it as part of a broader cyber incident affecting "thousands of organizations worldwide." Contractors working on Meta’s Chordus project an initiative to improve AI response verification were informed of a pause in work, with some facing potential unpaid leave until projects resume. The company is reportedly seeking alternative assignments for affected workers.
The breach appears linked to TeamPCP, a threat actor that recently compromised two versions of the AI API tool LiteLLM, distributing tainted updates that exposed numerous organizations. While the full extent of the fallout remains unclear, the incident highlights the supply chain risks in AI development, where third-party vendors handle highly sensitive data.
Adding to the confusion, a group claiming to be Lapsus$ advertised stolen Mercor data including a 200+ GB database, 1 TB of source code, and 3 TB of video files on Telegram and a BreachForums clone. However, cybersecurity researchers, including Allan Liska of Recorded Future, dismiss the claim, noting that TeamPCP is the likely culprit. Unlike the original Lapsus$, which targeted high-profile tech firms, TeamPCP has been linked to financially motivated attacks, ransomware operations, and even geopolitically driven malware, such as the CanisterWorm data-wiping tool targeting Iranian cloud systems.
The breach underscores the secrecy and vulnerability of AI data contractors, many of which like Surge, Handshake, Turing, Labelbox, and Scale AI operate under strict confidentiality, often using codenames for projects. As AI labs increasingly rely on external firms for critical training data, the incident raises concerns about security standards in an industry where even minor exposures could have far-reaching consequences.
OpenAI cybersecurity rating report: https://www.rankiteo.com/company/openai
"id": "OPE1775256197",
"linkid": "openai",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Meta, OpenAI, Anthropic',
'industry': 'AI Training Data',
'name': 'Mercor',
'type': 'Data Contracting Firm'},
{'industry': 'Social Media/AI',
'name': 'Meta',
'size': 'Large',
'type': 'Technology Company'},
{'industry': 'Artificial Intelligence',
'name': 'OpenAI',
'size': 'Large',
'type': 'AI Research Lab'},
{'industry': 'Artificial Intelligence',
'name': 'Anthropic',
'size': 'Large',
'type': 'AI Research Lab'}],
'attack_vector': 'Supply Chain Attack (Tainted AI API tool updates)',
'customer_advisories': 'Contractors informed of project pauses',
'data_breach': {'data_exfiltration': 'Yes (advertised on Telegram and '
'BreachForums clone)',
'file_types_exposed': ['Database',
'Source code',
'Video files'],
'sensitivity_of_data': 'High (AI training methodologies, '
'competitive insights)',
'type_of_data_compromised': ['Proprietary training datasets',
'Source code',
'Video files']},
'date_publicly_disclosed': '2024-03-31',
'description': 'Meta has indefinitely suspended all projects with data '
'contracting firm Mercor after a significant security breach '
'exposed sensitive systems. The incident has prompted other '
'major AI labs, including OpenAI and Anthropic, to reassess '
'their partnerships with the startup as they evaluate the '
'scope of the compromise. Mercor specializes in generating '
'proprietary training datasets for leading AI models, and the '
'breach may have exposed critical insights into AI training '
'methodologies.',
'impact': {'brand_reputation_impact': 'High (loss of trust in third-party '
'vendors)',
'data_compromised': 'Proprietary training datasets, 200+ GB '
'database, 1 TB of source code, 3 TB of video '
'files',
'downtime': 'Projects paused indefinitely, contractors facing '
'unpaid leave',
'operational_impact': 'Suspension of AI training data projects, '
'reassessment of partnerships',
'systems_affected': 'AI training data systems, contractor '
'networks'},
'initial_access_broker': {'data_sold_on_dark_web': 'Advertised (200+ GB '
'database, 1 TB source '
'code, 3 TB video files)',
'entry_point': 'Compromised LiteLLM AI API tool '
'updates',
'high_value_targets': 'AI training datasets'},
'investigation_status': 'Ongoing',
'lessons_learned': 'The incident highlights supply chain risks in AI '
'development, where third-party vendors handle highly '
'sensitive data. It underscores the need for stricter '
'security standards in the AI industry.',
'motivation': ['Financial Gain', 'Ransomware', 'Geopolitical'],
'post_incident_analysis': {'root_causes': 'Supply chain attack via tainted '
'LiteLLM updates, inadequate vendor '
'security controls'},
'ransomware': {'data_exfiltration': 'Yes'},
'recommendations': ['Enhance vendor security assessments',
'Implement stricter access controls for proprietary data',
'Improve supply chain security for AI tools and '
'dependencies'],
'references': [{'source': 'Internal Mercor email'},
{'source': 'OpenAI statement'},
{'source': 'Telegram/BreachForums clone advertisement'},
{'source': 'Recorded Future (Allan Liska)'}],
'response': {'communication_strategy': 'Internal email to contractors, public '
'statements from OpenAI',
'containment_measures': 'Projects paused, contractors '
'reassigned'},
'stakeholder_advisories': 'AI labs reassessing partnerships with Mercor',
'threat_actor': 'TeamPCP',
'title': 'Meta and AI Labs Pause Work with Mercor Following Major Security '
'Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Compromised LiteLLM AI API tool versions'}