
Why Are We Still Storing PII in 2026?

The Mercor Breach Is the Wake-Up Call — But Not the First


In April 2026, AI startup Mercor—valued at $10B—was hit by a major data breach that exposed candidate profiles, PII, employer data, and even source code. (TechCrunch)

The root cause wasn’t a simple hack. It was a supply chain compromise—a poisoned open-source dependency (LiteLLM) that cascaded across thousands of systems in minutes. (TechCrunch)

Up to 4TB of data was reportedly exfiltrated. (Asanify)

And once again, the same uncomfortable question surfaces:

Why are we still storing PII at this scale in the first place?


The Real Problem Isn’t Security — It’s Architecture

Every breach gets framed as a security failure.

But Mercor exposes something deeper:


This is an architecture failure.

Companies still operate on a legacy assumption:

  • Collect user identity

  • Store it centrally

  • Secure it as best as possible

That model made sense in 2005.

It does not make sense in:

  • AI-native systems

  • Multi-agent environments

  • Global data supply chains

Because today:

  • Data flows across vendors, APIs, agents, and pipelines

  • One compromised dependency = full system exposure

  • Identity becomes the most valuable—and most vulnerable—asset


The Hidden Reality: PII Is a Liability, Not an Asset

The industry still treats PII like oil.

But in reality, PII behaves more like radioactive material:

  • Expensive to store

  • Dangerous to transport

  • Catastrophic when leaked

In the Mercor case:

  • Social Security numbers

  • Identity documents

  • Video interviews

  • Behavioral data

All became attack surface. (Compliance Hub)

And once exfiltrated:

  • You cannot rotate it (unlike passwords or API keys)

  • You cannot revoke it

  • You cannot contain its downstream impact



So Why Do Companies Still Store PII?

1. Legacy Compliance Thinking

Most systems are built around:

  • KYC / IDV storage requirements

  • Audit trails tied to raw identity

But compliance frameworks haven’t caught up to:

  • Tokenization

  • Zero-PII architectures

  • Decentralized identity models


2. Data Monetization Incentives

PII fuels:

  • Targeting

  • Analytics

  • AI training

But this creates a perverse incentive:

The more data you store, the more risk you accumulate.


3. Broken Identity Models

Today’s identity stack is still:

  • Username / password

  • Session-based

  • Database-backed

Even “modern” IAM systems still rely on:

Centralized identity storage as the source of truth


4. AI Made It Worse

AI systems require:

  • Massive datasets

  • Cross-system integrations

  • Continuous data flows

This means:

  • More PII collected

  • More places it’s stored

  • More surfaces to attack

The Mercor breach wasn’t just a company issue—it was an AI ecosystem failure.


The Shift: From Storing Identity → Verifying Identity

The future isn’t better encryption.

It’s not storing PII at all.

The New Model:

  • Identity is verified once

  • A tokenized identity (HIT) is issued

  • Systems operate on tokens—not raw PII

  • Access, actions, and AI execution are bound to that token

This changes everything:

  • No centralized PII honeypot

  • No reusable identity data to steal

  • No cascading breach impact
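To make the verify-once, token-only model above concrete, here is an added example in Python (not code from the original post, and not any particular vendor's HIT implementation): raw PII enters only the one-time verification step, the issued token carries derived claims plus an allowed-action scope, a downstream service authorizes from the token alone, and, unlike leaked PII, a leaked token can be revoked. It assumes a single HMAC key shared between issuer and verifier for brevity; a real deployment would use asymmetric signatures so verifiers cannot mint tokens.

```python
import base64, hashlib, hmac, json, secrets, time
from typing import Optional

# Constructed: the issuer's signing key. Assumption for brevity: issuer and verifiers
# share it; in practice use asymmetric signatures so a verifier cannot mint tokens.
SIGNING_KEY = secrets.token_bytes(32)
_revoked = set()  # the only per-identity state the issuer keeps: revoked token ids

def verify_identity_once(applicant: dict) -> dict:
    """One-time IDV step (simulated). Consumes raw PII and returns only derived,
    non-identifying claims; the raw record is dropped once this returns."""
    if not applicant["document"]["valid"]:  # constructed stand-in for an IDV provider check
        raise ValueError("identity verification failed")
    birth_year = int(applicant["dob"][:4])
    return {"age_over_18": time.gmtime().tm_year - birth_year >= 18,
            "country": applicant["document"]["country"]}

def issue_token(claims: dict, scope: list, ttl: int = 3600) -> str:
    """Issue an opaque, signed identity token: token id + derived claims + allowed
    actions + expiry. No name, SSN, document or other raw PII goes in."""
    body = {"tid": secrets.token_hex(16), "claims": claims, "scope": sorted(scope),
            "exp": int(time.time()) + ttl}
    payload = base64.urlsafe_b64encode(json.dumps(body, sort_keys=True).encode()).decode()
    sig = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"

def token_body(token: str) -> Optional[dict]:
    """Return the decoded body if the signature is valid, else None."""
    payload, _, sig = token.rpartition(".")
    expected = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return None
    return json.loads(base64.urlsafe_b64decode(payload))

def check_token(token: str, action: str) -> Optional[dict]:
    """Downstream service: authorize one action from the token alone. There is no
    PII lookup because there is no PII store to look up."""
    body = token_body(token)
    if body is None or body["exp"] < time.time() or body["tid"] in _revoked \
            or action not in body["scope"]:
        return None
    return body["claims"]

def revoke(token: str) -> bool:
    """Unlike leaked PII, a leaked or abused token can be revoked."""
    body = token_body(token)
    if body is None:
        return False
    _revoked.add(body["tid"])
    return True
```

The breach-containment property is visible in the data: the only state the issuer retains is a set of revoked token ids, so there is no central PII record for a compromised dependency to exfiltrate.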


Why This Matters Now

The Mercor incident triggered:

  • Lawsuits

  • Enterprise contract suspensions

  • Industry-wide trust concerns

This is the pattern:

  1. Breach

  2. PR response

  3. Credit monitoring

  4. Repeat

What doesn’t change?

The underlying architecture.


The Bottom Line

We don’t have a breach problem.

We have a data model problem.

As AI systems scale:

  • Agents act autonomously

  • Data moves dynamically

  • Trust must be programmable

The only viable path forward is:

Identity without exposure.
Execution without PII.
Governance without centralized storage.


Closing Thought

The question is no longer:

“How do we secure PII?”

The real question is:

“Why does your system still need to store it?”


