Vercel Confirms Data Breach, Attackers Claim Internal System Access
Key Takeaways Frontend cloud platform Vercel has confirmed a security breach impacting its internal systems. The attack originated from a compromised third-party AI tool, Context.ai, used by a Vercel...
Key Takeaways
- Frontend cloud platform Vercel has confirmed a security breach impacting its internal systems.
- The attack originated from a compromised third-party AI tool, Context.ai, used by a Vercel employee.
- Threat actors gained access to non-sensitive environment variables from a limited number of customer configurations.
- The notorious ShinyHunters group claims responsibility, offering stolen data for $2 million.
- Vercel urges customers to rotate non-sensitive API keys and tokens and Google Workspace administrators to check for a specific malicious OAuth app.
Vercel, a leading frontend cloud platform, has officially confirmed a security incident where unauthorized actors infiltrated its internal infrastructure. This revelation follows claims from the notorious ShinyHunters hacking collective, which allegedly attempted to sell stolen Vercel data for $2 million on dark web forums.
Table Of Content
The company, which underpins millions of developer deployments, issued a security bulletin between April 18 and 19, 2026, acknowledging the breach. Vercel stated it is actively collaborating with cybersecurity firm Mandiant to investigate the scope of the compromise and has alerted law enforcement authorities.
Attack Vector and Impact
The intrusion originated from a compromise involving Context.ai, an AI tool utilized by a Vercel employee. Attackers exploited a malicious or compromised Google Workspace OAuth application linked to Context.ai to gain unauthorized access to the employee’s Google Workspace account.
Once inside, the threat actors successfully navigated to specific Vercel environments, where they accessed and read non-sensitive environment variables from a restricted set of customer configurations. Vercel has clarified that environment variables explicitly designated as “sensitive,” which are stored using enhanced security measures preventing their direct readability, showed no evidence of compromise.
However, any variables not marked as sensitive, which could include critical information such as API keys, tokens, database credentials, or signing keys, should be considered potentially exposed. Vercel strongly advises immediate rotation of such credentials.
The compromised OAuth application has been identified as a critical indicator of compromise (IOC): 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com. Vercel is urging all Google Workspace administrators to conduct an immediate audit of their environments to detect any usage of this specific application.
ShinyHunters Claims $2 Million Data Sale
The incident gained further notoriety when a threat actor, identifying as part of the ShinyHunters group, posted on BreachForums. The post offered what was claimed to be Vercel’s internal database, access keys, source code, employee accounts, API keys, NPM tokens, and GitHub tokens for a price of $2 million.

As proof of access, the attacker shared a text file allegedly containing 580 Vercel employee records, detailing names, email addresses, account statuses, and activity timestamps. A screenshot purporting to show an internal Vercel Enterprise dashboard was also provided.

Messages circulated on Telegram by the threat actor also indicated direct communication with Vercel regarding a ransom demand. However, Vercel has not publicly corroborated any such ransom negotiations.
CEO Characterizes Attackers as “Highly Sophisticated”
Vercel CEO Guillermo Rauch described the threat actors as “highly sophisticated,” noting their rapid operational execution and apparent deep understanding of Vercel’s internal architecture. Rauch speculated that artificial intelligence capabilities might have been leveraged by the attackers to expedite their intrusion efforts. He reiterated a strong recommendation for all customers to rotate API keys and tokens as a preventative measure.
Vercel has confirmed that its Next.js framework and the broader supply chain remain unaffected by this incident. All services are currently fully operational, and the company has implemented extensive new protection and monitoring protocols.
Customers who have not received direct notification from Vercel currently show no evidence of compromised credentials or personal data, though the investigation is ongoing.
What You Should Do
- Review activity logs within your Vercel dashboard or CLI for any unusual or suspicious behavior.
- Immediately rotate all environment variables containing secrets that were not explicitly marked as sensitive.
- Enable the sensitive environment variables feature for all future secrets to enhance their protection.
- Inspect recent deployments for any unexpected or unauthorized changes.
- Ensure Deployment Protection is configured to Standard or a higher level.
- Rotate Deployment Protection bypass tokens if they were previously configured.
- Google Workspace administrators must audit their environments immediately for the identified malicious OAuth app IOC:
110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com.
Vercel is providing ongoing updates via its official security bulletin as the investigation progresses.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.