VERCEL confirmed on Sunday that it has suffered an intrusion after a hacker offering to sell data allegedly stolen from the company’s systems appeared on BreachForums, with the sale pegged at $2 million. The hacker, using the moniker ShinyHunters, claimed to be selling Vercel databases, access keys, employee accounts, and source code.
Vercel said the incident originated with a compromise of Context[.]ai, a third‑party AI tool used by a Vercel employee, which allowed the attacker to take over the employee’s Google Workspace account and access some environments and environment variables not marked as sensitive. The company emphasised that Vercel stores all customer environment variables fully encrypted at rest, and noted that enumeration enabled further access.
It confirmed unauthorized access to a limited subset of customers’ credentials, with impacted users being notified and asked to reset credentials as the investigation progresses. according to Vercel.