Cloud hosting firm Vercel confirms ‘limited’ hack of user info

Vercel, a cloud hosting provider popular among crypto projects, has confirmed that it suffered a security breach that allowed hackers to make off with a “limited” subset of customer credentials.

Vercel said in a blog post on Sunday that it “identified a security incident that involved unauthorized access to certain internal Vercel systems” and was investigating the breach.

“Initially we identified a limited subset of customers whose Vercel credentials were compromised,” it added. “We reached out to that subset and recommended an immediate rotation of credentials.”

Vercel’s confirmation came after multiple X users reported that a post on the hacking forum BreachForums by a user called “ShinyHunters” claimed to be offering Vercel’s data in exchange for $2 million.

The poster claimed to have access keys, source code, database information and employee accounts with access to internal deployments, which they said could be used for a “global supply chain attack.”

Source: Shirish Arya

Vercel did not address the post’s claims, but said the attacker was “highly sophisticated based on their operational velocity and detailed understanding of Vercel's systems.”

Third-party AI tool compromised to carry out hack

Vercel CEO Guillermo Rauch said on Sunday that the attack originated after a Vercel employee was compromised via a breach of an artificial intelligence tool they used called Context.ai.

The attacker was then able to compromise the Vercel employee’s Google Workspace account, allowing them access to some of Vercel’s internal systems.

Rauch said the company stores customer environments with full encryption, but it has the capability to designate variables as “non-sensitive,” and the attacker “got further access through their enumeration.”