Vercel, a cloud hosting provider popular with crypto projects, confirmed a security breach that exposed a “limited” subset of customer credentials.
In a blog post, Vercel said it “identified a security incident that involved unauthorized access to certain internal Vercel systems” and was investigating. “Initially we identified a limited subset of customers whose Vercel credentials were compromised,” the company said, adding that it had contacted affected customers and recommended immediate credential rotation.
The confirmation followed reports on X that a BreachForums user called “ShinyHunters” posted an offer to sell Vercel data for $2 million. The post claimed to include access keys, source code, database information and employee accounts with access to internal deployments, which could be used for a “global supply chain attack.” Vercel did not directly address those specific claims but described the attacker as “highly sophisticated based on their operational velocity and detailed understanding of Vercel’s systems.”
Third-party AI tool compromised to carry out hack
Vercel CEO Guillermo Rauch said the attack began after a Vercel employee was compromised through a breach of a third-party artificial intelligence tool the company used, Context.ai. From that foothold, the attacker was able to compromise the employee’s Google Workspace account and gain access to some internal Vercel systems.
Rauch noted that Vercel stores customer environment variables fully encrypted but allows individual variables to be marked “non-sensitive,” and that the attacker “got further access through their enumeration.” He said he suspects the group was “significantly accelerated by AI,” given their speed and in-depth understanding of Vercel’s systems.
Vercel said it had deployed extensive protective measures and monitoring, and had analyzed its supply chain to ensure Next.js, Turbopack and its open source projects remain safe. Rauch advised following standard incident-response practices: rotate secrets, monitor access to Vercel environments and linked services, and use the sensitive environment variables feature properly.
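The two remediation points above, rotating secrets and using the sensitive environment variable feature properly, come down to knowing which variables in a project hold credentials but are still readable to anyone who can list the project. The following script is an added example, not code from Vercel or from the article, that audits an exported environment-variable listing and produces a rotation checklist. The JSON shape (an `envs` array with `key`, `type` and `target` fields) and the `type` values `plain`, `encrypted` and `sensitive` are assumptions modelled on Vercel's project environment API and should be checked against current documentation; the listing itself is constructed sample data.

```python
import json
import re
from typing import Dict, List

# Constructed sample listing. The field names and the type values
# ("plain", "encrypted", "sensitive") are assumptions about the shape of a
# Vercel project environment export, not data from the incident.
SAMPLE_ENV_LISTING = json.dumps({
    "envs": [
        {"key": "NEXT_PUBLIC_SITE_NAME", "type": "plain", "target": ["production"]},
        {"key": "DATABASE_URL", "type": "encrypted", "target": ["production"]},
        {"key": "STRIPE_SECRET_KEY", "type": "sensitive", "target": ["production"]},
        {"key": "OPENAI_API_KEY", "type": "encrypted", "target": ["production", "preview"]},
        {"key": "INTERNAL_WEBHOOK_TOKEN", "type": "plain", "target": ["preview"]},
    ]
})

# Key-name fragments that usually denote a credential. Extend for your own
# naming conventions; the point is to catch secrets stored as readable values.
SECRET_NAME_PATTERN = re.compile(
    r"(SECRET|TOKEN|PASSWORD|PASSWD|PRIVATE_KEY|API_KEY|DATABASE_URL|DSN)", re.I
)


def looks_like_credential(key: str) -> bool:
    """Heuristic: does the variable name suggest it holds a secret?"""
    return bool(SECRET_NAME_PATTERN.search(key))


def audit_env_listing(listing_json: str) -> List[Dict]:
    """Flag credential-looking variables that are not marked sensitive.

    In the model described in the article, every variable is encrypted at
    rest, but only variables marked sensitive have values that cannot be read
    back by someone who can enumerate the project. Anything else that looks
    like a credential is treated as exposed and due for rotation.
    """
    envs = json.loads(listing_json).get("envs", [])
    findings = []
    for env in envs:
        key = env.get("key", "")
        var_type = env.get("type", "")
        if var_type == "sensitive" or not looks_like_credential(key):
            continue
        findings.append({
            "key": key,
            "type": var_type,
            "targets": list(env.get("target", [])),
            # NEXT_PUBLIC_ values are also inlined into client bundles in
            # Next.js, so a secret under that prefix is the worst case.
            "severity": "critical" if key.startswith("NEXT_PUBLIC_") else "high",
            "action": "rotate the value, then re-create it as a sensitive variable",
        })
    return findings


def rotation_checklist(findings: List[Dict]) -> Dict[str, List[str]]:
    """Group flagged keys by deployment target so each environment can be
    rotated and redeployed as one unit."""
    checklist: Dict[str, List[str]] = {}
    for finding in findings:
        for target in finding["targets"]:
            checklist.setdefault(target, []).append(finding["key"])
    for keys in checklist.values():
        keys.sort()
    return checklist


if __name__ == "__main__":
    results = audit_env_listing(SAMPLE_ENV_LISTING)
    for finding in results:
        print(f"[{finding['severity']}] {finding['key']} ({finding['type']}): {finding['action']}")
    print(json.dumps(rotation_checklist(results), indent=2))
```

Run against a real export, the checklist is the list of values to rotate per environment; after rotation, re-creating each entry as a sensitive variable is what keeps the next enumeration from yielding usable credentials. The name heuristic will miss secrets with unusual names, so treat its output as a floor, not a complete inventory.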
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy