Mercor has confirmed a security incident linked to the LiteLLM supply chain attack, which has been attributed to the hacking group TeamPCP, although Lapsus$ claims responsibility for obtaining hundreds of gigabytes of Mercor's data. The incident highlights the growing threat of supply chain attacks, where vulnerabilities in third-party vendors are exploited to gain access to sensitive information. The attack on LiteLLM, a vendor of Mercor, has resulted in a significant data breach, with Lapsus$ boasting about the extent of the stolen data on its website1. The incident underscores the importance of robust security measures and vendor risk management. As the threat landscape continues to evolve, organizations must remain vigilant and proactive in protecting their systems and data. The confirmation of the security incident by Mercor serves as a reminder that staying informed about potential threats is crucial for defense, so what matters most to practitioners is the need to reassess their supply chain security and incident response plans.