Earlier this month, a $10 billion startup called Mercor confirmed it had been hit by a supply-chain attack. If you haven't heard of Mercor, that's kind of the point. Most people haven't. But Mercor is the kind of company that quietly sits at the center of how the biggest AI platforms in the world actually work.
Mercor recruits experts — doctors, lawyers, writers, researchers — to label data, evaluate outputs, and build the training pipelines that power frontier AI models. Its clients include OpenAI, Anthropic, and Meta. When a hacker exploited a vulnerability in a widely used open-source library called LiteLLM, they didn't just steal personal data. According to reporting by Wired, they may have walked away with something far more valuable: the training methodologies behind some of the world's most powerful AI systems. Meta responded by freezing all Mercor contracts. OpenAI said it was investigating. A class action lawsuit now covers more than 40,000 people.
We want to talk about what this actually means — not for the companies, but for you.
The AI supply chain you never knew existed
Here's something most people don't think about when they open an AI app: the response you get didn't come from nowhere. It came from a model that was trained on data. And that data came from somewhere. Often, it came from companies like Mercor — intermediaries that aggregate, label, and package human-generated content and feedback into the training sets that teach AI systems how to behave.
This supply chain is enormous, largely invisible, and, as we just learned, potentially fragile.
The Mercor breach exposed a structural risk that the AI industry has rarely had to confront openly: when multiple competitors rely on the same third-party data supplier, a single point of failure can expose all of them simultaneously. Meta's training pipeline. OpenAI's methodology. Anthropic's safety labeling processes. All potentially compromised through one vendor that most users had never heard of.
There's also a layer to this story that got less attention than it deserved. Delve Technologies — the company that had certified LiteLLM's security compliance, including its SOC 2 and ISO 27001 certifications — was subsequently revealed to be running what investigators described as auto-generated compliance reports. Pre-written. Largely identical across clients. The security audit that was supposed to prevent exactly this kind of thing was, in many cases, a fiction.
Delve was kicked out of Y Combinator on April 4th. The damage was already done.
What this has to do with your conversations
You might be thinking: I don't work at Mercor. My data wasn't in their system. This isn't about me.
Maybe not directly. But the Mercor breach is a window into how the AI industry is actually structured — and that structure has real implications for anyone who uses an AI platform.
When you have a conversation with an AI tool that trains on user data, that conversation doesn't stay in one place. It flows into systems, pipelines, and infrastructure that you never see and almost certainly haven't consented to in any meaningful way. Those systems involve vendors. Those vendors have their own vendors. And as we just learned, any one of those points of contact is a potential vulnerability.
This is not a paranoid framing. It's just how supply chains work. The AI industry is not exempt from it.
The question worth asking isn't whether your AI app has good intentions. It's whether the infrastructure behind it — the full chain of custody for your data — has the kind of structural integrity that matches those intentions. And in most cases, the honest answer is that you have no way of knowing.
A different approach
We built Blob around a simple conviction: your conversations should belong to you. Not to us, not to our vendors, and certainly not to a supply chain you've never heard of.
Here's what that looks like in practice. Conversation data on Blob is encrypted at rest — meaning even we cannot read it. It is retained for 90 days and then deleted. We don't use your conversations to train AI models, which means they don't flow into labeling pipelines, training datasets, or third-party data contractors. There is no Mercor in our supply chain because there is no supply chain that touches your conversations.
Our business model is subscriber-funded. There are no advertisers to optimize for, no data partners to satisfy, and no competitive pressure to extract more value from your interactions than the value of the subscription itself. That structural difference matters more than any privacy policy.
The deeper point
The Mercor breach isn't an anomaly. It's a symptom of an industry that scaled faster than its accountability structures. The AI companies at the top of this supply chain have made enormous promises about privacy and safety. Some of them mean it. But good intentions don't survive a compromised open-source library if the infrastructure underneath was never designed to protect user data in the first place.
The right response isn't panic. It's clarity about what you want from the AI tools you use and whether the business model behind them actually supports that.
Privacy isn't a feature. It's a structure. And structure matters more than marketing.
FAQs
What was the Mercor breach?
Mercor, a $10 billion AI data startup that supplies training data to OpenAI, Anthropic, and Meta, was hit by a supply-chain attack in early April 2026. Hackers exploited a vulnerability in an open-source library called LiteLLM, potentially exposing training methodologies, personal data, and the proprietary AI development practices of multiple top AI companies. Over 40,000 people are covered by a class action lawsuit.
Did the Mercor breach affect my conversations with ChatGPT or other AI tools?
The breach exposed data from Mercor's contractor networks and potentially AI training methodologies. The full scope of what was compromised is still being investigated. What it illustrates is the broader risk: when AI companies rely on third-party data vendors, your data's security depends on the entire supply chain — not just the app you're using.
Does Blob AI use third-party training data vendors like Mercor?
No. Blob does not train on user conversations at all, which means your conversations never enter a training pipeline, a labeling network, or any third-party data vendor relationship. Your conversations are encrypted at rest, retained for 90 days, and then deleted.
How do I know if the AI I use trains on my data?
Check the privacy policy's section on training data — look for phrases like "improve our services" or "used to train models." Most major AI platforms train on user data by default unless you actively opt out. Even then, policy opt-outs are legal controls, not architectural ones.
What does "encrypted at rest" mean for my conversations?
It means your conversations are stored in an encrypted format that cannot be read — even by Blob's own team. Only you can access your conversations. This is different from encryption in transit, which only protects data while it's being sent.