Overview
- Vercel, which disclosed the breach Sunday, says an attacker used a compromised Context.ai OAuth token to take over a Vercel employee’s Google Workspace account and view environment variables that were not marked sensitive.
- The company contacted a limited set of customers to rotate exposed keys, and reports no evidence that sensitive variables were read or that Next.js, Turbopack, or Vercel‑published npm packages were tampered with.
- A poster using the ShinyHunters name claimed to sell Vercel data for $2 million, yet the group denied involvement and the authenticity of the listed keys, source code, and databases remains unverified.
- Vercel is working with Mandiant and law enforcement, has shared indicators of compromise including the OAuth app ID for admins to check, and rolled out a dashboard view and tools to better flag and manage sensitive variables.
- Security researchers say the root cause likely traces to Context.ai’s earlier breach, with one report tying it to Lumma Stealer malware on an employee device, highlighting a broader supply‑chain risk where OAuth grants can extend trust far beyond the original AI app.
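The indicator check described above, as an added example that is not Vercel's or Google's code: it scans a Google Workspace OAuth token audit export for grants to a given client ID and reports which users still have an unrevoked grant. It assumes the record shape of the Workspace Reports API "token" application and a chronologically ordered export; the client ID and the sample events are constructed placeholders, not the IoC Vercel published.

```python
# Added example (not Vercel's or Google's code): flag Workspace OAuth grants to
# a suspect client ID. Assumes the record shape of the Google Workspace Reports
# API "token" application and a chronologically ordered export; the client ID
# and the events below are constructed placeholders.
import json
from collections import defaultdict

# Placeholder: substitute the OAuth app ID from Vercel's indicator list.
SUSPECT_CLIENT_ID = "PLACEHOLDER-APP-ID.apps.googleusercontent.com"

# Constructed sample export in Reports API token-event shape.
SAMPLE_EXPORT = json.dumps([
    {"actor": {"email": "alice@example.com"}, "events": [
        {"name": "authorize", "parameters": [
            {"name": "client_id", "value": SUSPECT_CLIENT_ID},
            {"name": "scope", "multiValue": ["https://www.googleapis.com/auth/gmail.readonly"]}]}]},
    {"actor": {"email": "bob@example.com"}, "events": [
        {"name": "authorize", "parameters": [
            {"name": "client_id", "value": "other-app.apps.googleusercontent.com"},
            {"name": "scope", "multiValue": ["openid"]}]}]},
    {"actor": {"email": "bob@example.com"}, "events": [
        {"name": "authorize", "parameters": [
            {"name": "client_id", "value": SUSPECT_CLIENT_ID},
            {"name": "scope", "multiValue": ["https://www.googleapis.com/auth/drive"]}]},
        {"name": "revoke", "parameters": [
            {"name": "client_id", "value": SUSPECT_CLIENT_ID}]}]},
])


def grants_for(client_id, export_json):
    """Map each user who granted client_id to the scopes and revocation state."""
    found = defaultdict(lambda: {"scopes": set(), "revoked": False})
    for activity in json.loads(export_json):
        user = activity["actor"]["email"]
        for event in activity.get("events", []):
            # Flatten the parameter list into a dict (multiValue wins over value).
            p = {q["name"]: q.get("multiValue", q.get("value")) for q in event.get("parameters", [])}
            if p.get("client_id") != client_id:
                continue  # grant to some other app; ignore
            if event["name"] == "authorize":
                scopes = p.get("scope") or []
                found[user]["scopes"].update([scopes] if isinstance(scopes, str) else scopes)
            elif event["name"] == "revoke":
                found[user]["revoked"] = True  # a later revoke clears the grant
    return dict(found)


def still_active(client_id, export_json):
    """Users whose grant to client_id was never revoked: revoke and rotate these first."""
    grants = grants_for(client_id, export_json)
    return sorted(u for u, g in grants.items() if not g["revoked"])
```

Run against a real export by replacing `SAMPLE_EXPORT` with the JSON list returned by the Reports API `activities.list` call for `applicationName=token`.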