Everything we know about the Vercel data breach so far
An OAuth supply chain compromise saw 'non-sensitive' Vercel data compromised and some internal systems accessed
Cloud development platform Vercel has confirmed it experienced a data breach after hackers claimed to have accessed its systems.
The Vercel platform is best known for supporting frameworks like Next.js, used by around two-thirds of JavaScript developers.
The attackers gained entry through the compromise of Context.ai, a third-party AI tool used by a Vercel employee.
That access was then used to take over the employee's Google Workspace account, giving the hackers access to some Vercel environments and variables that weren't marked as 'sensitive'.
"We assess the attacker as highly sophisticated based on their operational velocity and detailed understanding of Vercel's systems,” the company said in a statement.
“We are working with Mandiant, additional cybersecurity firms, industry peers, and law enforcement. We have also engaged Context.ai directly to understand the full scope of the underlying compromise.”
Vercel added that it worked closely with GitHub, Microsoft, npm, and Socket in the wake of the breach, stating that no npm packages were compromised.
“There is no evidence of tampering, and we believe the supply chain remains safe,” Vercel continued.
Some customers impacted in Vercel data breach
Vercel said it has identified a number of customers whose non-sensitive environment variables were compromised. These are variables stored in a form that decrypts back to plaintext, so anyone with read access to the project can retrieve their values.
The company has contacted affected customers and recommended an immediate rotation of credentials.
Vercel added it will keep customers updated if it finds any evidence of further compromise.
Who is responsible?
A group claiming to be ShinyHunters has taken responsibility for the attack in a post on Telegram, offering for sale data it says includes access keys, source code and databases, along with access to internal deployments and API keys.
The attackers said they had been in touch with Vercel and were demanding a ransom of $2 million.
However, Austin Larsen, principal threat analyst at Google Threat Intelligence, cast doubt on these claims in a post on LinkedIn, suggesting the threat actors could be bluffing about who they are.
"It is likely this is an imposter attempting to use an established name to inflate their notoriety,” he said.
What should Vercel users do?
Vercel advised customers to add an additional layer of security by requiring at least two methods of authentication, configuring an authenticator app, and creating a passkey.
The company emphasized that simply deleting a project or account won’t work, as compromised secrets could still provide threat actors with access to production systems. Users are advised to rotate them first.
Customers should also use the sensitive environment variables feature, which stores a secret so that its value cannot be read back through the dashboard, CLI or API once it has been set.
Similarly, users are advised to review account activity logs and environments for suspicious activity, either through the dashboard or CLI.
Other tips included:
- Look out for recent, unexpected or suspicious-looking deployments
- Delete those that arouse suspicion
- Ensure Deployment Protection is set to Standard Protection at a minimum
- Rotate Deployment Protection tokens, if set
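The checklist above starts with finding out which variables a stolen session could actually have read. The script below is an added example, not Vercel's own tooling: it triages a project's environment variables into those that must be rotated and recreated as sensitive, those that are already unreadable, and those that need a human look. It assumes the response shape of GET https://api.vercel.com/v9/projects/{id}/env (an "envs" list whose entries carry "key", "type" and "target"); confirm that against the current API reference before relying on it. The sample payload, project and variable names are constructed.

```python
"""Triage a Vercel project's environment variables after a token compromise.

Added example, not Vercel's tooling. The /env response shape is an assumption
(check the API reference); the sample payload is constructed, not real data.
"""
import json
import re
import urllib.request

# Constructed sample in the assumed shape of GET /v9/projects/{id}/env.
SAMPLE_ENVS = {
    "envs": [
        {"id": "env_1", "key": "NEXT_PUBLIC_SITE_URL", "type": "plain",
         "target": ["production", "preview", "development"]},
        {"id": "env_2", "key": "PREVIEW_WEBHOOK_TOKEN", "type": "encrypted",
         "target": ["preview"]},
        {"id": "env_3", "key": "DATABASE_URL", "type": "encrypted",
         "target": ["production"]},
        {"id": "env_4", "key": "STRIPE_SECRET_KEY", "type": "encrypted",
         "target": ["production", "preview"]},
        {"id": "env_5", "key": "SESSION_SIGNING_KEY", "type": "sensitive",
         "target": ["production"]},
        {"id": "env_6", "key": "VERCEL_URL", "type": "system",
         "target": ["production", "preview"]},
        {"id": "env_7", "key": "LOG_LEVEL", "type": "plain",
         "target": ["production"]},
    ]
}

# Name fragments that usually mean "this value is a credential".
SECRET_HINT = re.compile(
    r"(?:^|_)(KEY|TOKEN|SECRET|PASSWORD|PASSWD|DSN|URL|PRIVATE|CREDENTIALS?|AUTH)(?:_|$)",
    re.IGNORECASE,
)


def classify(env):
    """Map one variable to an action bucket.

    Only "sensitive" variables are unreadable after creation. Everything else
    decrypts to plaintext for any principal that can read the project, so a
    hijacked session could have read it.
    """
    key, kind = env["key"], env["type"]
    if kind == "sensitive":
        return "protected"   # value cannot be read back through dashboard, CLI or API
    if kind == "system":
        return "system"      # populated by Vercel, not a customer secret
    if key.startswith("NEXT_PUBLIC_"):
        return "public"      # Next.js inlines these into the client bundle by design
    if SECRET_HINT.search(key):
        return "rotate"      # readable and credential-shaped: rotate, recreate as sensitive
    return "review"          # readable but not obviously a secret: confirm by hand


def audit(payload):
    """Group variable names by bucket, preserving the API's order."""
    report = {"rotate": [], "review": [], "public": [], "protected": [], "system": []}
    for env in payload.get("envs", []):
        report[classify(env)].append(env["key"])
    return report


def production_first(payload):
    """Rotation order: readable credentials that reach production come first."""
    todo = [e for e in payload.get("envs", []) if classify(e) == "rotate"]
    return [e["key"] for e in sorted(todo, key=lambda e: "production" not in e["target"])]


def fetch_envs(project_id, token, team_id=None):
    """Live fetch (not exercised here); endpoint and teamId parameter are assumptions."""
    url = f"https://api.vercel.com/v9/projects/{project_id}/env"
    if team_id:
        url += f"?teamId={team_id}"
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


if __name__ == "__main__":
    for bucket, keys in audit(SAMPLE_ENVS).items():
        print(f"{bucket:>9}: {', '.join(keys) or '-'}")
    print("rotate in this order:", production_first(SAMPLE_ENVS))
```

The name heuristic is deliberately loose: a readable variable that is not credential-shaped still lands in "review" rather than being waved through, because the only variables the audit can clear on its own are the ones Vercel itself refuses to reveal.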
Who else should worry?
Vercel said the attack on Context’s Google Workspace OAuth app was the subject of a “broader compromise, potentially affecting its hundreds of users across many organisations”.
Meanwhile, Context AI has confirmed that the hackers “likely compromised OAuth tokens for some of our consumer users”.
The firm said it is in the process of contacting everyone identified as potentially impacted, with specific guidance on next steps.
Jaime Blasco, CTO of Nudge Security, advised users to switch to an “admin-managed consent” model when dealing with third-party applications.
"Start with OAuth consent. Most Google Workspace and Microsoft 365 environments are still configured to let any employee grant third-party apps access to their enterprise account,” he said.
"Inventory what you already have. OAuth grants accumulate. People try a tool, forget about it, leave the company, and the grant keeps living in the tenant with whatever scopes it asked for. Quarterly audits aren't enough, especially now that we have agents using these grants. You need continuous visibility into who granted what, what scopes they granted, and whether the integration is even still being used."
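The inventory Blasco describes can be pulled from the Admin SDK Directory API, which exposes each user's third-party OAuth grants as a "tokens" resource that an admin can list and delete. The script below is an added example, not Nudge Security's or Google's code: it lists grants per user, scores each unapproved app by the high-risk scopes it holds (mail, Drive, directory administration), and produces the revocation list an admin would act on. The response field names (clientId, displayText, scopes, anonymous, nativeApp, userKey) are stated as an assumption and should be checked against the Directory API reference; the users, app names and client IDs are constructed.

```python
"""Inventory and triage third-party OAuth grants in a Google Workspace tenant.

Added example, not Nudge Security's or Google's code. Uses the Directory API
tokens resource (list and delete per user); field names are an assumption to
verify against the API reference. All users, apps and client IDs are constructed.
"""
import json
import urllib.request

# Scopes that let an app read or act on mail, files or the directory itself.
HIGH_RISK_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/drive.readonly",
}
HIGH_RISK_PREFIXES = ("https://www.googleapis.com/auth/admin.directory",)

# Constructed sample of what tokens.list might return for two users.
SAMPLE_TOKENS = {
    "alice@example.com": {"items": [
        {"clientId": "111-meetingnotes.apps.googleusercontent.com",
         "displayText": "Meeting Notes AI (constructed)",
         "scopes": ["https://www.googleapis.com/auth/calendar.readonly",
                    "https://mail.google.com/",
                    "https://www.googleapis.com/auth/drive"],
         "anonymous": False, "nativeApp": False, "userKey": "alice@example.com"},
        {"clientId": "222-approved-sso.apps.googleusercontent.com",
         "displayText": "Approved SSO app (constructed)",
         "scopes": ["openid", "email", "profile"],
         "anonymous": False, "nativeApp": False, "userKey": "alice@example.com"},
    ]},
    "bob@example.com": {"items": [
        {"clientId": "333-calendar-widget.apps.googleusercontent.com",
         "displayText": "Calendar widget (constructed)",
         "scopes": ["https://www.googleapis.com/auth/calendar.readonly"],
         "anonymous": False, "nativeApp": False, "userKey": "bob@example.com"},
    ]},
}

# Client IDs the admin has consciously approved; everything else is "unknown".
APPROVED_CLIENT_IDS = {"222-approved-sso.apps.googleusercontent.com"}


def is_high_risk(scope):
    return scope in HIGH_RISK_SCOPES or scope.startswith(HIGH_RISK_PREFIXES)


def triage(token_lists, approved):
    """Return unapproved grants, highest-risk first.

    Risk is the count of high-risk scopes: an app nobody approved that can read
    mail and Drive is exactly the grant a compromise of that vendor turns into
    a foothold in the tenant.
    """
    findings = []
    for user, payload in token_lists.items():
        for tok in payload.get("items", []):
            if tok["clientId"] in approved:
                continue
            risky = sorted(s for s in tok["scopes"] if is_high_risk(s))
            findings.append({"user": user, "clientId": tok["clientId"],
                             "app": tok["displayText"], "risky_scopes": risky,
                             "risk": len(risky)})
    return sorted(findings, key=lambda f: (-f["risk"], f["user"]))


def revocation_plan(findings, min_risk=1):
    """(user, clientId) pairs to revoke: every unapproved grant holding a high-risk scope."""
    return [(f["user"], f["clientId"]) for f in findings if f["risk"] >= min_risk]


def list_tokens(user_key, access_token):
    """Live call (not exercised here): Directory API tokens.list for one user."""
    url = f"https://admin.googleapis.com/admin/directory/v1/users/{user_key}/tokens"
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {access_token}"})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def revoke_token(user_key, client_id, access_token):
    """Live call (not exercised here): Directory API tokens.delete revokes the grant."""
    url = f"https://admin.googleapis.com/admin/directory/v1/users/{user_key}/tokens/{client_id}"
    req = urllib.request.Request(url, method="DELETE",
                                 headers={"Authorization": f"Bearer {access_token}"})
    with urllib.request.urlopen(req) as resp:
        return resp.status


if __name__ == "__main__":
    findings = triage(SAMPLE_TOKENS, APPROVED_CLIENT_IDS)
    for f in findings:
        print(f"{f['risk']} {f['user']:<18} {f['app']:<32} {f['clientId']}")
        for s in f["risky_scopes"]:
            print(f"      {s}")
    print("revoke:", revocation_plan(findings))
```

Run on a schedule rather than quarterly, the diff between two runs is the "continuous visibility" Blasco asks for: a new client ID appearing with a mail or Drive scope is the event to alert on, and tokens.delete is the one-call remediation once an app's vendor reports a compromise.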
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.