In a significant security incident, a data breach at AI data labeling firm Mercor has compromised 4 terabytes of voice samples belonging to approximately 40,000 contractors. The stolen data includes sensitive voice recordings, which cybersecurity experts warn could be used to bypass voice biometric systems.
"Your voice is now an un-rotatable password — and it just got leaked," noted a security analyst commenting on the breach.
The breach, first reported on Hacker News, highlights growing concerns over the security of biometric data used in training AI models. Voice samples are increasingly employed as authentication factors in banking, smart devices, and corporate security. Unlike passwords, compromised voice data cannot be easily changed, leaving victims permanently vulnerable.
Mercor, a company known for providing human-annotated data for AI training, has not yet issued an official statement regarding the incident. Affected contractors are advised to monitor for potential misuse of their voice data and to contact Mercor for further guidance.
This incident underscores the critical need for robust data protection measures, especially for companies handling biometric information.