Episode 450 April 11, 2026 β€’ 🎧 51:49

The 40-Minute Collapse: How Fake Compliance Broke the AI Supply Chain

A devastating supply chain attack on the AI startup Mercor has exposed a web of fabricated security certifications and invasive workplace surveillance, triggering a massive data theft and unprecedented legal fallout across the tech industry.

AI Security Cloud Security Compliance Supply Chain Privacy & Data
The 40-Minute Collapse: How Fake Compliance Broke the AI Supply Chain

🎧 Listen to this Episode

⬇️ Download Episode πŸ”— View on Podbean

Show Notes

In March 2026, a 40-minute supply chain attack on the open-source library LiteLLM allowed hackers to steal four terabytes of highly sensitive data from Mercor, a $10 billion AI training startup. The breach exposed a fragile trust infrastructure across the tech industry, revealing that LiteLLM's security certifications were fabricated by Delve Technologies, a compliance vendor that systematically rubber-stamped fake audits. As major AI labs like Meta indefinitely pause their contracts, Mercor now faces a wave of class-action lawsuits alleging that its mandatory, invasive contractor surveillance practices funneled unauthorized third-party trade secrets and personal data straight to cybercriminals.

https://compliancehub.wiki/mercor-litellm-delve-class-action-supply-chain-compliance-fraud/

https://compliancehub.wiki/five-lawsuits-mercor-data-breach-litigation-breakdown/

Β 

Sponsors

www.breached.company

www.compliancehub.wikiΒ 

Share this episode

𝕏 Share on X in Share on LinkedIn

Enjoying CISO Insights?

Subscribe to get new episodes delivered directly to your podcast app.

Apple Podcasts Spotify YouTube

Related Episodes

Ask Sage πŸ€–