Meta has paused all contracts with data provider Mercor after Mercor’s systems were hit by hackers last week, which could have compromised data integrity.
As reported by Wired, on Thursday Mercor confirmed that its services had been targeted as part of an expanded supply-chain exploit, which was traced back to the use of LiteLLM, a widely used open-source library for connecting applications to AI services. It’s unclear to what extent the breach impacted Mercor’s systems, but the belief is that the hack was designed to harvest credentials from incoming data streams.
Mercor provides vetted data to help power artificial intelligence projects, employing various experts to confirm and improve data quality in order to ensure more accurate outputs from its AI systems. Mercor provides data to all of the major AI providers, including Anthropic, OpenAI and Meta.
TechCrunch further reported that the hackers responsible for the breach have since shared Slack data and ticketing info extracted from Mercor’s servers, as well as videos of conversations that allegedly took place between Mercor’s AI systems and contractors on its platform.
Given the potential for harm, Meta quickly sought to distance itself from Mercor in the hopes that it could avoid any expanded blowback from the breach. It’s not clear whether Meta user data was exposed as part of the attack, but Meta suspended all its work with Mercor pending further investigation.
The breach has implications both for the data security elements of AI projects and the integrity of AI systems, which have become a much bigger source of information for many people.
On the data security front, the vast amounts of data being fed into AI systems means that there’s also potential for large-scale exposure if these intake streams are able to be breached. That could open up a range of vulnerabilities, depending on the source input.
In terms of system integrity, according to research conducted by SEMRush, more than 112 million Americans used AI-powered tools in 2024, while McKinsey has reported that 44% of AI-powered search users now say it’s their primary and preferred source of insight.
Due to the significant influence of AI tools, the security of their data inputs is integral to accurate information flow. It also means that they will inevitably become targets of hacking groups seeking to sway users.
The Mercor incident is another reminder of this, and of the advanced security that will be required to ensure accurate information is fed into AI projects, creating additional costs in terms of broader AI infrastructure.
