AI Recruitment Startup Confirms Data Theft After Exploiting Open-Source LiteLLM Vulnerability
The Mercor, an American AI-powered recruitment startup that reached a $2 billion valuation after a $100 million Series B round led by General Catalyst in 2024, confirmed on Tuesday that it was the victim of a sophisticated cyberattack. The incident, claimed by the extortion group known as NullLoader, resulted in the theft of sensitive data from the company's systems — including candidate information, proprietary evaluation metrics, and integration credentials for corporate clients.
The connection to LiteLLM — an open-source project that centralizes APIs for more than 100 language models, including GPT-4o, Claude 3.5, and Gemini Pro — reveals a critical vulnerability in the software supply chain that supports the growing enterprise AI economy.
How the Attack Happened: The Compromise Chain
According to reports from the company to TechCrunch, attackers exploited a dependency injection vulnerability in LiteLLM that allowed remote code execution (RCE). The project, maintained by the community and with more than 28,000 stars on GitHub, is widely used by startups to standardize calls to multiple LLM providers through a unified interface.
"This attack exemplifies the 'trust but verify' pattern that the industry needs to abandon. When you integrate open-source code into systems that process sensitive personal data, you are inheriting the entire attack surface of that dependency," said Marcus Chen, a security researcher at Mandiant, in an interview with RadarIA.
Supply chain attacks grew 742% between 2020 and 2025, according to data from the Sonatype 2025 State of Software Supply Chain Report. The AI sector, with its intensive reliance on open-source libraries for infrastructure, has become a priority target.
Incident Timeline
- March 15: Researchers from the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about a vulnerability in LiteLLM (CVE-2026-1847, CVSS score 9.1)
- March 22: Corrective patch released by the LiteLLM team
- March 28: NullLoader begins exfiltration operation exploiting outdated systems
- March 31: Mercor publicly confirms incident after failed ransom negotiation
Market Impact: The Domino Effect on AI Recruitment Industry
Mercor is not just any company in the ecosystem. Founded in 2023, the platform uses LLMs to evaluate resumes, conduct preliminary interviews, and recommend candidates — processing more than 2 million candidate assessments monthly. Its clients include Fortune 500 companies such as Goldman Sachs, McKinsey, and PepsiCo.
The global recruitment software market was valued at $7.6 billion in 2025, with projections to reach $11.2 billion by 2028 (CAGR of 13.7%). The integration of AI in this segment has accelerated dramatically over the past 18 months.
Implications for the LATAM Ecosystem
Although Mercor operates primarily in the US, the incident reverberates strongly across Latin America:
- Regional startups like Brazilian Gupy and Colombian Talent.com depend on similar infrastructure
- The Mexican AI hub hosts at least 15 scale-ups using LiteLLM or equivalent dependencies
- Data protection regulators — LGPD in Brazil, Ley Federal de Protección de Datos Personales in Mexico — should intensify scrutiny of security practices among companies processing data from Latin American workers
"Human resources companies processing resumes from Latin American professionals now face double pressure: regulatory compliance and demonstrating cybersecurity maturity," explains Fernanda Oliveira, a partner at law firm Veirano specializing in data protection.
LiteLLM and the Open-Source Security Paradox
LiteLLM, created to simplify the lives of developers who need to switch between LLM providers, illustrates the central paradox of AI security: the more infrastructure is standardized to reduce costs, the greater the impact when that infrastructure is compromised.
The project is maintained by a team of 8 people, all volunteers or funded by community contributions — a model that works for innovation but creates sustainability and security risks. Comparatively, companies like Scale AI and Hugging Face invest $50-100 million annually in infrastructure security.
Comparison: AI Security Costs
- Early-stage startups: menos de 5% of budget on security
- Scale-ups like Mercor: 8-12% of budget on security (RadarIA estimate)
- Big techs (Google, Microsoft, Meta): 18-25% of budget on security
- Regulated companies (fintechs, healthtechs): 15-20% of budget on security
What to Expect: Next Steps and Recommendations
For the AI and recruitment ecosystem, the next 90 days will be critical:
- Mandatory audits: CISA is expected to recommend security assessments for all companies using LiteLLM or similar libraries
- Regulatory pressure: Brazil's ANPD and Mexico's INAI should issue specific guidelines on open-source dependencies in systems processing personal data
- Vendor consolidation: companies should reassess contracts with AI infrastructure providers that do not offer verifiable security SLAs
Checklist for LATAM Companies
- Audit all open-source dependencies in candidate data pipelines
- Implement SBOM (Software Bill of Materials) for all HR systems
- Verify that engineering teams have applied LiteLLM patches (version 1.40.2 or higher)
- Review candidate data retention policies in light of new threats
The attack on Mercor is not an isolated incident — it is a reminder that the democratization of access to AI via open-source code comes with the democratization of risks. For emerging markets like Latin America, where AI adoption in HR processes is accelerating, the lesson is clear: innovation without security is an incomplete equation.
Sources: TechCrunch, Sonatype, CISA, ANPD, Mercor financial reports (disclosed in 2024).
Read also