Mercor Breach: 4TB of Voice Samples + IDs Stolen – What Attackers Can Do Now
On April 4, 2026, the extortion group Lapsus$ posted Mercor on its leak site. The dump is roughly four terabytes, bundling voice biometrics paired with government-issued identity documents for over 40,000 contractors who labeled data, recorded reading passages, and ran verification calls for AI training.
Why This Breach Is Different
Most voice leaks fall into two buckets: call center recordings without easy identity mapping, or ID-document leaks without audio. Mercor merged both. The contractor onboarding pipeline asked for a passport or driver's license scan, a webcam selfie, then a sit-down voice recording reading scripted prompts. That sequence is exactly what a synthetic voice cloning service needs as input. High-quality voice cloning now requires roughly 15 seconds of clean reference audio — the Mercor recordings average 2–5 minutes of studio-clean speech per contractor, paired with a verified ID.
What Attackers Can Do
These threat models are already documented in the wild:
- Bank verification bypass: Several US and UK banks use voiceprint as one of two factors. A clone reading a challenge phrase clears the audio gate, leaving only a knowledge question from the same leaked dataset.
- Vishing the victim's employer: Calling HR or finance pretending to be the employee to redirect payroll, request a wire, or unlock a workstation. Krebs on Security lists more than two dozen confirmed cases since 2023.
- Deepfake video calls (Arup template): In 2024, a finance worker at Arup wired ~$25M after a multi-person deepfake video call built from public footage — Mercor leaks studio audio plus a verified ID.
- Insurance claim fraud: Pindrop reported a 475% year-over-year increase in synthetic voice attacks against insurance call centers across 2025.
- Romance and grandparent scams: FBI IC3 logged $2.3B in losses for victims aged 60+ in 2026; the fastest-growing category was emergency impersonation calls.
How to Check If Your Voice Is Being Misused
If you uploaded a voice sample to Mercor or any AI training broker through 2025, treat your voice like a leaked password. You cannot rotate it, but you can change what it unlocks:
- Self-audit your public audio footprint: search YouTube, podcast directories, and old Zoom recordings for samples of your voice. Remove what you can.
📖 Read the full source: HN AI Agents
👀 See Also
OpenClaw Early User Reports Telegram Issues, Agent Profile Hardcoding, and Session Reset Problems
A user's first three days with OpenClaw revealed several practical challenges: Telegram responses disappearing, agent profiles hardcoded to 'messaging' in source code, and Wacli becoming unavailable after session resets. The user ran micro tests on Docker, connected Telegram and Wacli, and set up a heartbeat.
Claude Opus 4.6 effort=low parameter causes lazy agent behavior
When using effort=low with Claude Opus 4.6, agents made fewer tool calls, were less thorough in cross-referencing, and ignored parts of system prompts about web research. Switching to effort=medium resolved the issues.
HN data confirms arXiv paper share dropping, LLM hype peak behind us?
Dylan Castillo used Claude to query HN BigQuery data, finding that the percentage of front-page stories linking to arXiv has been decreasing rapidly in recent months, after an LLM-dominated peak in 2023–2026.
Claude Opus 4.7 Model Card Released
Anthropic has published the Claude Opus 4.7 model card, providing technical documentation for their latest AI model. The source material appears to be a PDF document containing system specifications and technical details.