Breaches · HIGH

Mercor Hit by Cyberattack Linked to LiteLLM Compromise


Basically, Mercor was hacked, and sensitive data was stolen due to a problem with an open-source project.

Quick Summary

Mercor has confirmed a cyberattack linked to the LiteLLM project. The extortion group Lapsus$ claims to have stolen sensitive data. This breach raises serious security concerns for many companies involved.

What Happened

Mercor, an AI recruiting startup, recently confirmed it was the victim of a cyberattack. This incident is linked to a supply chain attack involving the open-source project LiteLLM. The attack was executed by a hacking group known as TeamPCP, which compromised LiteLLM's code, affecting numerous companies, including Mercor.

The situation escalated when the extortion group Lapsus$ claimed responsibility for the attack, stating they had accessed Mercor's data. While the exact method of data acquisition remains unclear, the implications of this breach are significant, especially given Mercor's partnerships with major players like OpenAI and Anthropic.

Who's Affected

Mercor is not alone in this incident. The compromise of LiteLLM has reportedly impacted thousands of companies. Founded in 2023, Mercor has quickly grown, facilitating over $2 million in daily payouts and achieving a valuation of $10 billion following a recent funding round.

As investigations continue, it is uncertain how many other organizations may have been affected. The widespread use of LiteLLM, which is downloaded millions of times daily, raises alarms about potential vulnerabilities in many systems relying on this library.

What Data Was Exposed

Lapsus$ has publicly shared a sample of the data they claim to have stolen from Mercor. This sample includes references to Slack data and ticketing information, alongside videos that purportedly show interactions between Mercor's AI systems and contractors.

While the full extent of the data breach is still being assessed, the nature of the exposed data raises serious privacy concerns. Companies utilizing Mercor's services may need to evaluate their own security measures in light of this incident.

What You Should Do

If you are a customer or contractor of Mercor, it is crucial to stay informed about the ongoing investigation. Mercor has pledged to communicate directly with affected parties as more information becomes available.

In the meantime, consider taking the following steps:

  • Monitor your accounts for unusual activity.
  • Change passwords and enable two-factor authentication where possible.
  • Stay updated on any announcements from Mercor regarding the incident and follow their guidance on securing your data.

As this situation develops, it serves as a reminder of the vulnerabilities associated with open-source projects and the need for robust security measures across all platforms.

🔒 Pro insight: The attack underscores the risks associated with open-source dependencies; organizations must enhance their supply chain security protocols.

Original article from TechCrunch Security · Jagmeet Singh
