OpenAI and Anthropic's Data Supplier Was Hacked—Here's What We Know
Mercor, a data supplier to OpenAI and Anthropic, has disclosed a security incident involving malicious code that may have compromised sensitive company and user information. The breach, which was part of a supply chain attack, has raised concerns over cybersecurity vulnerabilities in the AI ecosystem.
Mercor, an AI startup, has reported a security incident that may have compromised sensitive information. The breach involved malicious code embedded in the open-source tool LiteLLM, which is used to connect applications with AI services. A hacking group known as TeamPCP targeted LiteLLM, enabling attackers to capture user credentials. Another group, Lapsus$, claimed responsibility for targeting Mercor and released sample data and videos. Mercor has launched a forensic investigation and contained the incident, but has not confirmed whether any customer or contractor data was misused.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.