Meta pauses Mercor partnership after LiteLLM-linked data breach

Meta has suspended its working relationship with hiring platform Mercor following a data breach connected to LiteLLM, an open-source library used for managing AI model integrations. The breach exposed sensitive information and prompted Meta to sever ties with the startup while it investigates the security incident. Mercor, which uses AI to match employers with job candidates, had been working with Meta on recruitment initiatives. The incident highlights growing supply chain risks as enterprises increasingly rely on third-party AI tools and open-source components. LiteLLM serves as a popular abstraction layer allowing developers to route requests between multiple large language model providers. Security researchers note that such intermediary tools have become attractive targets for attackers seeking to compromise multiple downstream services. Meta's swift response reflects heightened corporate sensitivity to data protection failures, particularly those involving AI infrastructure partners. The breach's full scope remains under investigation.