Every report, notification email, and outside source on the Mercor breach — collected in one place.
← Back to homeOne archive indexing everything on the public record — notices, press releases, class-action filings, and outside reporting — each linked back to its source.
Statements issued by or attributed to Mercor.
A screenshot provided to MercorClaims shows Mercor sending an initial notice about the incident to affected people. In the message, the company says it moved quickly to secure systems, opened an investigation, and brought in third-party forensic experts.
Source: screenshot of the email notice shared with affected people.
On March 31, 2026, TechCrunch reported that Mercor confirmed it was affected by a security incident — the first on-the-record confirmation from the company to a news outlet. The story is the earliest widely cited public source tying the incident to Mercor by name.
Source: TechCrunch, “Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project,” March 31, 2026.
Public reporting ties the Mercor incident to a compromise of LiteLLM — a widely used open-source project that brokers calls between applications and large-language-model providers. The link matters because it reframes the breach as a supply-chain event, not an isolated Mercor-only failure.
Source: TechCrunch reporting, March 31, 2026; corroborated by Mercor's own description of the event as affecting its systems “alongside many other organizations worldwide.”
According to TechCrunch, a sample of data purportedly stolen from Mercor included references to internal Slack data and what appeared to be ticketing data. The same report says the sample also included two videos purportedly showing conversations between Mercor's AI systems and contractors on the platform.
Source: TechCrunch, March 31, 2026. The sample has been described by the outlet but has not been independently authenticated by MercorClaims.
Mercor's public privacy policy and its AI-and-data documentation list the categories of information the platform collects. These documents don't say what was taken — but they define the outer envelope of what could plausibly be at risk in an incident affecting Mercor systems.
Source: Mercor Privacy & Cookies policy (last updated August 27, 2025); Mercor's “How Mercor Uses AI and Data” documentation.
MercorClaims opened its public archive to collect, date, and cite the material surfacing around the Mercor incident. The archive links every entry back to the public source it came from, so visitors can read the record rather than a summary of it.
Source: site launch notice published by MercorClaims editors, April 16, 2026.
MercorClaims press releases and announcements.
The public archive collects dated, cited breach material in one place — free to read, independent of Mercor, and open to additions from readers with sources.
April 16, 2026 · Site Launch
The entry annotates the notice line by line and pairs it with a recreated screenshot so readers can see the original language alongside what it actually establishes.
April 12, 2026 · Editorial Notice
The timeline reframes the Mercor event as a supply-chain incident, not a one-off, and makes the link between LiteLLM and Mercor directly readable alongside its source material.
April 6, 2026 · Investigation
The new newsroom gives reporters, researchers, and visitors a single archive for MercorClaims press releases and future public announcements.
April 2, 2026 · Company News
Public court cases naming Mercor as defendant.
No court cases posted yet. This section will fill in as complaints are filed and verified.
Independent sources cited across the archive.
Published March 31, 2026.
Last updated August 27, 2025; lists categories of information Mercor says it collects.
Mercor documentation describing resumes, interview recordings, transcripts, and related platform data.
MercorClaims summary based on a provided screenshot of the notice email.
What the public record suggests may have been touched.
TechCrunch reported on March 31, 2026 that a sample of allegedly stolen Mercor data included references to Slack data and what appeared to be ticketing data.
The same TechCrunch report said the sample also included two videos purportedly showing conversations between Mercor's AI systems and contractors on the platform.
Mercor's August 27, 2025 privacy policy says the platform collects personal and profile information such as name, email address, phone number, resume, work history, skills, interview recordings and transcripts, profile photos, salary expectations, and account credentials.
Mercor's public AI-and-data documentation also says platform records may include video or audio interviews, AI transcripts, public profile data, location and work preferences, and, if provided or authorized, payment, tax, or background-check-related information.
Mercor had not publicly confirmed the final full scope of accessed or exfiltrated customer or contractor data as of April 1, 2026, so some categories remain unconfirmed.
Read alongside the timeline and the latest updates.