Supply‑Chain Attack on LiteLLM Compromises AI Recruiting Firm Mercor, Exposing 4 TB of Data
What Happened — Mercor, an AI‑driven recruiting platform, was breached after malicious versions of the widely‑used LLM gateway LiteLLM were distributed. The compromised packages contained credential‑stealing malware that harvested API keys, cloud secrets and tokens, enabling attackers to move laterally and exfiltrate roughly 4 TB of source code, datasets and internal repositories.
Why It Matters for TPRM —
- A single third‑party library (LiteLLM) became a high‑leverage attack vector, potentially affecting thousands of downstream organizations.
- Credential theft bypasses traditional perimeter defenses, exposing sensitive cloud assets and intellectual property.
- Large‑scale data exfiltration raises compliance, IP, and national‑security concerns for any firm that integrates generative AI services.
Who Is Affected — AI recruiting platforms, SaaS providers, and any enterprise that incorporates LiteLLM or similar LLM gateways into their workflows.
Recommended Actions —
- Conduct an immediate inventory of all LiteLLM deployments and verify package integrity.
- Rotate all API keys, cloud secrets and tokens used by affected services.
- Deploy credential‑monitoring and anomaly detection on cloud environments.
- Review and harden supply‑chain security controls (code signing, SBOMs, provenance checks).
- Engage incident‑response teams and notify customers as required by contractual and regulatory obligations.
Technical Notes — The attack leveraged a supply‑chain compromise of the LiteLLM gateway, injecting credential‑stealing malware into its distribution channel. Attack vector: third‑party dependency. Stolen credentials were used for lateral movement, leading to exfiltration of source code repositories, internal databases and cloud storage buckets. No public CVE was associated; the threat stemmed from malicious package distribution. Source: DataBreachToday