Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Cloud service provider Vercel said this week that hackers had breached its internal systems and gained access to customer information. Hackers are said to have stolen customer information from Vercel’s systems and are selling the content online.
In word on SundayVercel said the breach came from another software developer, Context AI. One of Vercel’s employees downloaded an app created by Context AI and connected it to their company account, which is managed by Google. Hackers used this connection (known as OAuth) to hijack a Vercel employee’s Google account and gain access to some of Vercel’s internal applications, including unencrypted authentication.
Vercel says its Next.js and Turbopack services were not affected by the breach. All open source projects are widely used by web and software developers.
Vercel said it has contacted customers whose data and keys were compromised.
In post on XVercel CEO Guillermo Rauch advised customers to exchange any keys and information on their software shipments that are marked as “untouchable.”
It is unclear who is behind the Vercel or Context AI breach, or if it is the same hacker. The threat actor selling the information claims to represent the ShinyHunters fraud group on their list of cybercriminals. The post, seen by TechCrunch, said the hackers are selling access to customer API keys, source code, and a stolen database from Vercel.
ShinyHunters is a hacker group, well known for hacking cloud and database companies, he said cybersecurity website Bleeping Computer that they are not involved in this event.
A Vercel spokesperson did not say how many customers may be affected, but said the company has not received any communication from the attacker, such as a ransom demand.
While the details of the hack are still emerging, the security breach is the latest in a series of supply chain attacks in recent months that have targeted software developers whose code is widely used online. By compromising software used by companies and supporting websites, hackers can steal information from multiple targets at once and gain access to information stored by other cloud giants.
Vercel said little about the attack, except that he was investigating what happened and asked Context AI for answers. Vercel said the hack could affect “hundreds of users across multiple organizations,” not just his systems, warning of a potential breach in the tech industry.
Context AI, which produces AI-based analytics and analytics, confirmed on its website that it had breached the March integration of its Context AI Office Suite software. The software allows users to customize actions and workflows for multiple third-party applications using an anonymous third party.
An image of AI he said notified one customer of the breach, but based on Vercel’s actions, it believes there is more to the incident than first thought. Context AI said the hackers “may have compromised OAuth tokens for some of our users.”
Context AI did not respond to a request for comment or questions about the breach. It’s unclear why Context AI didn’t disclose the breach at the time, or whether the company received a demand from the hacker, such as a ransom.
It was designed to remove the claims of Context AI unrelated to its employees acquired by OpenAI. Updated with comments from Vercel.