Mercor's Billionaire Founders Face Fraud and Security Woes

Source: forbes.com

TL;DR

• Mercor's young billionaire founders revealed employee fraud and suspected North Korean operatives infiltrating their contractor pool.
• A lead manager embezzled hundreds of thousands in bonuses to family; North Koreans used stolen credentials for code tasks, producing data for Anthropic.
• Amid fast growth to $1 billion revenue run rate, security issues like a LiteLLM hack have paused Meta's work and drawn lawsuits.

The story at a glance

Data labeling startup Mercor, founded in 2023 by 23-year-old billionaires Brendan Foody, Adarsh Hiremath, and Surya Midha, faces fraud, security breaches, and suspected North Korean infiltration as it scales rapidly. The company recruits experts for AI labs like OpenAI and Anthropic, hitting a $1 billion annualized revenue run rate. This Forbes investigation, based on former employees and sources, comes now after a major hack and amid industry-wide threats.

Key points

• CEO Foody addressed fraud in an all-hands meeting: an early hire and Anthropic account lead paid hundreds of thousands in bonuses to his brother and father as fake experts; funds were recovered without customer loss.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)[[2]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration)
• From November 2024, employees suspected North Korean operatives ("NKs") using stolen credentials; they excelled at code-writing, working 80-hour weeks, and produced data for U.S. AI labs including Anthropic.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)
• Mercor responded with screening firms, a fraud team, internal NK guide, and Persona verification; spokesperson claims industry-leading detection via monitoring and IP blocks.
• Early April LiteLLM supply-chain hack affected Mercor; Meta paused work, OpenAI and others are reviewing; company says most customers continue.
• At least six contractor lawsuits allege negligence exposing personal data like Social Security numbers.

Details and context

Mercor recruits 50,000 PhDs, lawyers, and experts for AI training data, originally an AI recruiting platform. The founders, high school debate friends and Thiel Fellows, raised $350 million at $10 billion valuation in October 2025, becoming the youngest self-made billionaires.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)[[3]](https://www.forbes.com/sites/richardnieva/2025/10/30/mercor-youngest-self-made-billionaires)

North Korean remote worker infiltration is an industry problem, funding weapons via millions in salaries; operatives use stolen IDs, AI for interviews, and drab shared offices visible in videos.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)

Competitors like Scale AI (ex-billionaire Alexandr Wang), Invisible Technologies, Surge AI, and micro1 offer alternatives; AI labs can switch providers quickly if trust erodes.

Key quotes

“They would work 80 hours a week and produce the cleanest code,” one former employee told Forbes.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)

“Multiple frontier labs have said we have industry leading fraud detection. That is because we have invested heavily in our fraud-detection processes and team,” spokesperson Heidi Hagberg said.[[1]](https://www.forbes.com/sites/rashishrivastava/2026/04/15/mercors-23-year-old-billionaire-founders-grapple-with-employee-fraud-and-north-korean-infiltration/)

Why it matters

These incidents highlight vulnerabilities in rapid AI data scaling, where sensitive training priorities could leak to adversaries like North Korea. For AI labs, it means reviewing partners and potential data exposure; for investors, Mercor's growth story now carries operational risks amid competition. Watch client reactions post-LiteLLM investigations and lawsuit outcomes, as they could shift market share.