Cloud hosting company Vercel said over the weekend that hackers broke into its internal systems and got access to some customer data. The attackers claim they have stolen important customer information and are trying to sell it online.
According to Vercel, the problem started with another company called Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their company account, which was running on Google. Hackers used this connection (called OAuth) to take control of the employee’s Google account. From there, they were able to enter some of Vercel’s internal systems and access data, including some information that was not protected.
Vercel said that its popular tools, Next.js and Turbopack, were not affected. These tools are widely used by developers to build websites and apps.
The company has contacted customers whose data or keys may have been exposed. Vercel’s CEO, Guillermo Rauch, advised users to change their keys and login details, even if they were marked as “non-sensitive.”
It’s still not clear who carried out the attack or whether the same hackers were involved in both Vercel and Context AI. The person selling the stolen data online claimed to be linked to the group ShinyHunters, which is known for breaking into cloud and database systems. They said they were selling access to API keys, source code, and database data from Vercel. However, ShinyHunters denied being involved.
Vercel has not said how many customers are affected, and so far, the company has not received any ransom demand from the hackers.
This attack is part of a growing trend called “supply chain” attacks. In these cases, hackers target one piece of software that many companies use. By breaking into it, they can gain access to a large number of systems and steal a lot of data at once.
Vercel said it is still investigating the issue and is in contact with Context AI. The company warned that this problem could affect hundreds of users across different organizations, not just Vercel itself.
Context AI later confirmed that it had a security issue back in March related to one of its apps, called the Context AI Office Suite. This app helps users connect and automate tasks across different services. The company said hackers may have stolen OAuth tokens from some users, which could have allowed access to connected accounts.
At first, Context AI believed only one customer was affected, but after Vercel’s report, it now thinks the issue may be bigger than expected. The company has not shared more details or responded to questions about the attack. It’s also unclear why the problem was not made public earlier or whether the hackers asked for money.
