Mercor's $10B Rests on 30,000 Names. APEX Just Printed Them.
Mercor's $10B valuation depends on AI labs not reaching its 30,000 domain experts directly. The APEX papers and March breach made the roster sourceable.
Mercor closed a $350M Series C at a $10B valuation on October 28, 2025, a 5x step-up in eight months. The pitch is a 300,000-professional network with 30,000 weekly active contractors paying out over $2M a day to doctors, lawyers, and bankers who fine-tune models for OpenAI, Anthropic, and Meta. The product they sell labs is matching. The product they sell investors is identity obfuscation. Both broke in 2026.
What Mercor is actually selling
Strip away the AI interview and the Archipelago eval infrastructure and Mercor is a staffing firm with a 30 to 40% take rate. Contractors keep 60 to 70% of top-line revenue. The remaining 30 to 40% pays for the matching layer, the vetting (a 20 to 30 minute AI interview plus a GitHub and LinkedIn crawl), and, critically, the promise that a lab paying $300 an hour for a CPA never learns that CPA's name.
That last piece is the moat. Vetting is replicable. A 20 minute structured interview is replicable. What was not replicable, until recently, was the wall between an Anthropic research lead and the 100 specific accountants tuning their tax model.
The wall came down in two ways. First, Mercor itself published the exact sourcing spec in its APEX papers. Second, the March 27 LiteLLM breach exposed 211 GB of candidate records and 3 TB of interview video. The question for recruiters and AI lab talent leads is no longer whether the Mercor talent network is reachable. It is whether you want to do the work.
The APEX papers are a roster, not a benchmark
APEX-v1 went up on arXiv as 2509.25721. APEX-Agents v3 followed. Both are technically expert-evaluation benchmarks for frontier models on consulting, banking, and legal tasks. Operationally, they are contributor disclosures.
The v1 byline names Bertie Vidgen, Abby Fennelly, Evan Pinnix, Chirag Mahapatra, Brendan Foody, and Osvald Nitski, with advisors Dominic Barton (former McKinsey global managing director), Cass R. Sunstein (Harvard Law), and Eric Topol (Scripps Research). The v3 byline adds nineteen more named Mercor employees: Austin Mann, John Wright Stanly, Lucas Rothman, Marco Burstein, Julien Benchek, David Ostrofsky, Anirudh Ravichandran, Debnil Sur, Neel Venugopal, Alannah Hsia, Isaac Robinson, Calix Huang, Olivia Varones, Daniyal Khan, Michael Haines, Austin Bridges, Jesse Boyle, Koby Twist, and Zach Richards.
That is twenty plus named operators tagged to specific RLHF projects, plus three advisors whose CVs read as the platonic expert profile Mercor is selling. None of them are hard to reach.
The sourcing recipe Mercor published itself
The APEX-v1 paper contains this sentence: "Experts were sourced through the Mercor platform. We targeted experts with appropriate experience, such as 3+ years at a top consulting firm, and prioritized experts with data labeling experience. Once sourced, experts completed a 30 to 45-minute interview."
That is the filter. Expert count grew from 76 to 137 across APEX versions with mean industry experience of 7+ years. The APEX-Agents leaderboard then names the source firms outright: Goldman Sachs, McKinsey, and Cravath in the headline; McKinsey, BCG, Deloitte, Accenture, and EY on the consulting side; Goldman Sachs, Morgan Stanley, JPMorgan, and Barclays on the banking side. Harvey AI shows up as a legal-world collaborator.
That is a Boolean string a competent domain expert recruiter writes in fifteen minutes. "VP" OR "Manager" at McKinsey or Goldman, 5 to 10 years tenure, anything on the profile that hints at moonlight work (a Substack on accounting LLMs, a GitHub with a labeling repo, a Kaggle account, a credit on a Hugging Face dataset card).
Hugging Face is the second roster
The APEX-Agents dataset is published at mercor/apex-agents on Hugging Face. It open sources prompts, rubrics, gold outputs, files, and metadata, along with the Archipelago evaluation infrastructure. Dataset cards on Hugging Face list contributors. Contributors on Hugging Face have profiles. Profiles on Hugging Face link to GitHub. GitHub links to email.
This is the recipe Mercor's matching layer was designed to prevent you from running, and it is the recipe Mercor itself enabled by publishing the dataset.
The breach inverted the moat
Between March 27 and 31, 2026, a threat group called TeamPCP compromised LiteLLM's CI/CD pipeline and pushed poisoned PyPI packages 1.82.7 and 1.82.8. The packages were live for roughly 40 minutes. That was enough.
Roughly 4 TB of data was exfiltrated from Mercor. The breakdown: 211 GB of candidate records, 3 TB of interview video and facial biometrics, and 939 GB of source code and API keys. The 40,000+ contractors whose personal data was exposed are the same people who power the $2M-a-day payout machine.
number: 4 TB
label: Data stolen from Mercor in the March 2026 breach
note: Includes 211 GB of candidate records, 3 TB of interview video, and 939 GB of source code and API keys.