Mercor, an AI training and data labeling startup valued at about 10 billion dollars, has been hit with class-action litigation following a data breach that exposed sensitive contractor information. The incident, reported in April 2026, has drawn at least seven separate lawsuits and prompted a major customer to pause its work with the company.
The exposed material was unusually sensitive. According to the suits, the breach revealed contractor information that included job interview recordings, facial biometric data, and screenshots of employees' computers. Biometric data carries heightened legal exposure because, unlike a password, it cannot be changed once compromised.
The fallout reached a prominent partner. Meta, which had worked with Mercor on AI training tasks, paused its engagement with the company and began investigating the breach. The pause illustrates how a security failure at a data vendor can disrupt relationships across the AI supply chain, where large model developers rely on outside firms to gather and label training data.
The case fits a broader pattern in which AI operations create new categories of exposed data. Industry reporting indicates that AI-related security incidents have grown as companies collect and process large volumes of personal and biometric information to build and refine models. The Mercor lawsuits center on whether the company maintained adequate safeguards for the contractor data it held. The litigation is in its early stages, and the company has not detailed the technical cause of the breach publicly.
Source: PYMNTS - https://www.pymnts.com/legal/2026/ai-startup-mercor-faces-lawsuit-over-data-breach/