Vercel Data Breach: Hackers Claim Access to Internal Systems
Vercel, a leading frontend cloud platform, has confirmed a significant security breach involving unauthorized access to its internal systems. The incident came to light after a hacker group, purportedly ShinyHunters, claimed to be selling stolen data for $2 million on underground forums.
Incident Overview
On April 18–19, 2026, Vercel disclosed the breach in an official security bulletin. The company is actively investigating the incident with the assistance of cybersecurity firm Mandiant and has notified law enforcement authorities.
Attack Vector
The intrusion originated from a compromise of Context.ai, a third-party AI tool utilized by a Vercel employee. Attackers exploited a malicious or compromised Google Workspace OAuth app associated with Context.ai to hijack the employee’s Google Workspace account. This access enabled the threat actors to infiltrate select Vercel environments and read environment variables not marked as sensitive from a limited number of customer configurations.
Data Exposure
Vercel confirmed that environment variables explicitly marked as “sensitive,” which are stored securely to prevent unauthorized reading, showed no evidence of being accessed. However, variables not marked as sensitive and containing secrets such as API keys, tokens, database credentials, or signing keys should be considered potentially exposed. Vercel advises customers to rotate these credentials immediately.
Indicators of Compromise
The compromised OAuth app has been identified as an indicator of compromise (IOC): `110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com`. Vercel urges all Google Workspace administrators to audit their environments for usage of this app and take appropriate action.
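The audit Vercel asks for can be run over an export of OAuth token audit events. The script below is an added example, not code from Vercel's bulletin; the record layout (items, actor.email, events, parameters named client_id and scope) is an assumption modeled on Google Workspace token audit exports, and the sample records are constructed.

```python
import json

# IOC client ID exactly as published in the bulletin quoted above.
IOC_CLIENT_ID = "110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com"

def _rec(time, user, event, client_id, scopes):
    """Build one constructed record in the assumed token-audit layout."""
    return {"id": {"time": time}, "actor": {"email": user},
            "events": [{"name": event, "parameters": [
                {"name": "client_id", "value": client_id},
                {"name": "scope", "multiValue": scopes}]}]}

# Constructed sample export (not real data): alice still has the grant, bob
# revoked it, carol authorized an unrelated app.
SAMPLE_EXPORT = json.dumps({"items": [
    _rec("2026-04-03T11:00:00Z", "bob@example.com", "revoke", IOC_CLIENT_ID, []),
    _rec("2026-04-01T09:14:07Z", "alice@example.com", "authorize", IOC_CLIENT_ID,
         ["https://www.googleapis.com/auth/drive.readonly", "openid"]),
    _rec("2026-04-02T10:00:00Z", "bob@example.com", "authorize", IOC_CLIENT_ID, ["openid"]),
    _rec("2026-04-02T12:30:00Z", "carol@example.com", "authorize",
         "000000000000-constructed.apps.googleusercontent.com", ["openid"]),
]})

def find_ioc_events(export_json, client_id=IOC_CLIENT_ID):
    """Return every event that references client_id, oldest first."""
    hits = []
    for item in json.loads(export_json).get("items", []):
        for event in item.get("events", []):
            params = {p.get("name"): p.get("multiValue", p.get("value"))
                      for p in event.get("parameters", [])}
            if str(params.get("client_id", "")).strip().lower() != client_id.lower():
                continue
            hits.append({"time": item.get("id", {}).get("time", ""),
                         "user": item.get("actor", {}).get("email", "unknown"),
                         "event": event.get("name", ""),
                         "scopes": params.get("scope") or []})
    return sorted(hits, key=lambda h: h["time"])

def users_with_active_grant(hits):
    """Users whose latest authorize/revoke event for the app is an authorize."""
    state = {}
    for h in hits:  # hits are time-ordered, so later events overwrite earlier ones
        if h["event"] in ("authorize", "revoke"):
            state[h["user"]] = h["event"]
    return sorted(user for user, event in state.items() if event == "authorize")

if __name__ == "__main__":
    events = find_ioc_events(SAMPLE_EXPORT)
    for h in events:
        print(h["time"], h["user"], h["event"], ",".join(h["scopes"]))
    print("still authorized:", users_with_active_grant(events))
```

Any user listed as still authorized holds a live grant to the app; the scopes on their authorize event show what that grant could reach.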
Threat Actor Claims
The situation escalated when a threat actor claiming to be ShinyHunters posted on BreachForums, offering Vercel’s alleged internal database, access keys, source code, employee accounts, API keys, NPM tokens, and GitHub tokens for $2 million. The attacker shared a text file containing 580 Vercel employee data records, including names, email addresses, account status, and activity timestamps, along with a screenshot of an alleged internal Vercel Enterprise dashboard as proof of access.
Company Response
Vercel CEO Guillermo Rauch described the threat actor as “highly sophisticated,” noting their operational speed and detailed understanding of Vercel’s internal systems. Rauch suggested that the attackers may have leveraged AI capabilities to accelerate their intrusion efforts and strongly urged all customers to rotate API keys and tokens as a precautionary measure.
Vercel has confirmed that Next.js and its broader supply chain remain unaffected by the incident. All services are fully operational, and the company has implemented extensive protection and monitoring measures. For customers who have not been directly notified by Vercel, there is currently no evidence of credential or personal data compromise, though the investigation is ongoing.
Recommendations for Customers
Vercel recommends the following actions for all customers:
– Review activity logs in the Vercel dashboard or CLI for any suspicious behavior.
– Rotate all environment variables containing secrets that were not marked as sensitive.
– Enable the sensitive environment variables feature for all future secrets.
– Inspect recent deployments for unexpected or unauthorized changes.
– Ensure Deployment Protection is set to Standard or higher.
– Rotate Deployment Protection bypass tokens if previously configured.
– Audit Google Workspace for the identified malicious OAuth app IOC immediately.
Vercel is providing ongoing updates to its security bulletin as the investigation progresses.