Meta has reportedly paused all work with artificial intelligence (AI) recruitment company Mercor after the company was hit by a cyberattack last week. As per the report, the Menlo Park-based tech giant was among the biggest clients of the startup that hires subject matter experts to validate and run quality analysis on large language models’ output. The cyberattack suffered by Mercor allegedly resulted in a large-scale data breach, and a group claimed to have stolen hundreds of gigabytes of data from the company. Mercor is currently investigating the incident.
According to a Wired report, the tech giant has decided to pause all work with Mercor after the security incident. Citing two unnamed sources familiar with the matter, the publication claimed that the pause is indefinite, and other major AI companies are also reevaluating their work with the AI recruitment firm after the cyberattack.
Mercor, founded in 2023, is an AI recruitment company that hires domain experts. The company has partnered with several AI companies, such as Anthropic and OpenAI, and runs quality checks on the responses generated by their LLMs. Most AI companies outsource such work to both validate the performance of their AI models and to help improve their responses. The startup raised $350 million (roughly Rs. 3,257 crore) in its Series C funding round in October 2025, at a valuation of $10 billion (roughly Rs. 93,067 crore).
In a statement, the company said that it had identified that it was one of the many companies impacted by a supply chain attack that involved LiteLLM. “We are conducting a thorough investigation supported by leading third-party forensics experts. We will continue to communicate with our customers and contractors directly as appropriate and devote the resources necessary to resolving the matter as soon as possible,” it added.
Meanwhile, cybercrime tracker Dark Web Informer shared a screenshot of the home page of the LAPSUS$ Group, highlighting that the cyberattackers took responsibility for the attack. The group allegedly claimed that it had stolen nearly 4TB of data, which includes 211GB of database, 939GB of source code, and 3TB of bucket data. It is allegedly now auctioning the data. The validity of the claims could not be verified.