// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
Breach Record

Mercor

DISCLOSED 2026-03-31 · SUPPLY CHAIN

On March 31, 2026, AI talent startup Mercor confirmed a supply-chain cyberattack stemming from the compromise of the open-source LiteLLM library. The incident resulted in the theft of 4TB of data. The attack vector is supply-chain, with no further details on exposed data types or threat actor.

The record

What we know

Disclosed
2026-03-31
Attack vector
Supply Chain
Sector
AI talent
Country
Sweden
Sources

Cited reporting

Similar vector · recent

Other supply chain breaches on file

This page is the permanent ColdRecon entry for the Mercor disclosure. It updates if new public reporting emerges. All tracked breaches →

Mercor just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →