Cloud app hosting giant Vercel this weekend remarked hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online.

In a statement on Sunday, Vercel remarked the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.

Vercel says its Next.js and Turbopack projects were not affected by the breach. Both open source projects are widely used by web and app developers.

Vercel mentioned it has contacted customers whose app data and keys were compromised. 

In a post on X, Vercel chief executive Guillermo Rauch advised customers to rotate any keys and credentials in their app deployments that are marked as “non-sensitive.”

It’s not clear who is behind the breach at Vercel or Context AI, or if they are the same hacker. The threat actor selling the data claimed to be representing the ShinyHunters hacking group in their listing on a cybercriminal forum. The post, seen by TechCrunch, claimed the hackers were selling access to customer API keys, source code, and database data stolen from Vercel.

The ShinyHunters hacker group, known for breaching cloud-based and database companies, told cybersecurity news site Bleeping Computer that they are not involved in this incident.

A spokesperson for Vercel did not say how many customers could be affected, but remarked that the corporation has not received any communication from the threat actor, such as a demand for ransom.

While details of the hack are still emerging, this security breach is the latest in a string of “supply chain” hacks in recent months that have targeted software developers whose code is widely used across the web. By compromising software that’s widely used by companies and supports web infrastructure, hackers can steal credentials from a broad range of targets at once and gain further access to large amounts of data stored by other cloud giants.

Vercel mentioned little else about the attack, except that it was investigating the incident and had sought answers from Context AI. Vercel mentioned the hack may affect “hundreds of users across many organizations,” and not just its own system, warning of potential downstream breaches spanning the tech industry.

Context AI, which builds evaluations and analytics for AI models, confirmed on its website that it had a breach in March involving its Context AI Office Suite consumer app. The app allows users to automate actions and workflows across multiple third-party applications by way of an unnamed third-party service. This also touches on aspects of user interface.

Context AI stated it notified one customer of the breach, but based on Vercel’s incident, it now believes that the incident is likely broader than first thought. Context AI stated the hackers “likely compromised OAuth tokens for some of our consumer users.”

Context AI did not respond to a request for comment or questions about the breach. It’s unclear why Context AI did not disclose the breach at the time, or if the organization received any demands from the hacker, such as a ransom.

Corrected to remove a reference to an unrelated Context AI whose staff were acquired by OpenAI. Updated with comment from Vercel.

Topics