AI training startup Mercor faces five federal lawsuits alleging that a security breach involving compromised LiteLLM software exposed sensitive personal data belonging to the company's contract workers.

Key Points

• Five lawsuits filed in California and Texas accuse Mercor of negligence regarding the protection of Social Security numbers and interview recordings.
• Mercor confirmed it was impacted by a security breach within the open-source LiteLLM software project, which is maintained by Berrie AI.
• Plaintiffs allege that the data exposure resulted from inadequate security measures, leading to potential identity theft risks for gig workers.
• Legal filings name Berrie AI and the security audit firm Delve Technologies as additional defendants in the litigation.
• Meta has reportedly paused its business relationship with Mercor following the disclosure of the data breach.

Why it Matters

This litigation highlights the growing legal risks for AI companies that rely on third-party software and large networks of gig workers to train their models. The involvement of multiple defendants suggests a complex liability landscape as organizations face increased scrutiny over data security and compliance standards.