Mercor, an AI training-data startup valued at $10 billion and serving customers including OpenAI and Anthropic, confirmed a major data breach tied to a supply-chain attack involving LiteLLM, according to a report. The breach may have exposed sensitive company and user data, and unconfirmed reports suggest some datasets used by customers and details about secretive AI projects could have been compromised. Mercor said it contained and remediated the incident and is pursuing a third-party forensics investigation. The attack has been linked to the TeamPCP hacking group, which planted malicious code in LiteLLM, a widely used open-source library. While the incident is not a campus-specific event, it raises direct risks for universities and research centers that integrate third-party AI tooling—especially when they connect campus systems to external model APIs or data pipelines.