Vercel Confirms Data Breach, Hackers Accessed Claim Internal

Vercel has confirmed a significant security incident, revealing threat actors gained unauthorized access to its internal systems. Subsequently, a hacker group reportedly attempted to sell stolen data for $2 million on underground forums.

Vercel, one of the most widely used frontend cloud platforms powering millions of developer deployments, confirmed the breach in an official security bulletin published on April 18–19, 2026.

The company stated it is actively investigating the incident with the help of cybersecurity firm Mandiant and has notified law enforcement authorities.

The intrusion traces back to a compromise of Context.ai, a third-party AI tool used by a Vercel employee. Attackers leveraged a malicious or compromised Google Workspace OAuth app associated with Context.ai to hijack the employee’s Google Workspace account.

Once inside, the threat actors pivoted to access select Vercel environments and read non-sensitive environment variables from a limited number of customer configurations.

Vercel confirmed that environment variables explicitly marked as “sensitive,” which are stored in a manner that prevents them from being read, showed no evidence of being accessed.

However, any variables not marked sensitive and containing secrets such as API keys, tokens, database credentials, or signing keys should be treated as potentially exposed and rotated immediately.

The compromised OAuth app has been publicly identified as an indicator of compromise (IOC): 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com. Vercel is urging all Google Workspace administrators to immediately audit their environments for usage of this app.

ShinyHunters Claims $2 Million Sale

The incident escalated after a threat actor claiming to be ShinyHunters posted on BreachForums, offering Vercel’s alleged internal database, access keys, source code, employee accounts, API keys, NPM tokens, and GitHub tokens for $2 million.

The attacker shared a text file containing 580 Vercel employee data records, including names, email addresses, account status, and activity timestamps, along with a screenshot of an alleged internal Vercel Enterprise dashboard as proof of access.

In messages circulated on Telegram, the threat actor also claimed to have been in direct communication with Vercel regarding a ransom demand, though Vercel has not publicly confirmed any ransom negotiations.

CEO Flags Highly Sophisticated Attackers

Vercel CEO Guillermo Rauch characterized the threat actor as “highly sophisticated,” citing their operational velocity and detailed understanding of Vercel’s internal systems.

Rauch noted the attackers may have leveraged AI capabilities to accelerate their intrusion efforts, and strongly urged all customers to rotate API keys and tokens as a precautionary measure.

Vercel has confirmed that Next.js and its broader supply chain remain unaffected by the incident. All services are fully operational, and the company has deployed extensive protection and monitoring measures.

Customers who have not been directly notified by Vercel have no current evidence of credential or personal data compromise, though the investigation remains ongoing.

• Review activity logs in the Vercel dashboard or CLI for any suspicious behavior
• Rotate all environment variables containing secrets that were not marked as sensitive
• Enable the sensitive environment variables feature for all future secrets
• Inspect recent deployments for unexpected or unauthorized changes
• Ensure Deployment Protection is set to Standard or higher
• Rotate Deployment Protection bypass tokens if previously configured
• Audit Google Workspace for the identified malicious OAuth app IOC immediately

Vercel is providing ongoing updates to its security bulletin as the investigation progresses.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.