Cyber Incident Victim: Vercel

Date: Apr 2026

Location: United States of America

Summary

Vercel disclosed a security breach that may have exposed customer API keys after attackers compromised a Google Workspace account through a compromised third‑party AI tool, Context.ai, and used infostealer malware to harvest tokens and enumerate non‑sensitive environment variables that were not encrypted at rest. The company also uncovered evidence of prior unauthorized access to a small number of customer accounts that predated the main incident and appeared unrelated to its systems, prompting notifications and guidance for affected users to rotate secrets and review logs. It reported additional compromised accounts from the main event, engaged incident response and law‑enforcement partners, and noted that the attackers claimed to be selling stolen data while its services remained operational.

Description

On April 23, 2026, Vercel disclosed that a security incident began when an employee used the third‑party AI tool Context.ai, whose systems had been compromised, allowing attackers to seize the employee’s Google Workspace account and pivot into Vercel environments. Investigators found that the attackers remained active beyond the Context.ai compromise, employing infostealer malware to search for valuable tokens such as Vercel account keys. Logs revealed a pattern of rapid API usage focused on enumerating non‑sensitive environment variables that were not encrypted at rest. The hackers claimed to be selling stolen data, including access keys and employee information, although Vercel reported that its services continued to operate normally. The initial breach was traced to the compromised Google Workspace connection via Context.ai, and the employee’s hijacked account was used to gain access to internal systems containing customer credentials.

Vercel later updated its security incident page to state that investigators had uncovered evidence of prior unauthorized access to a small number of customer accounts that predated the April breach and was independent of the main incident, potentially resulting from social engineering, malware, or other methods. The company also said it had identified additional customer accounts compromised during the April event, though it did not specify the total number, confirming only that it had notified customers known to be affected. In response, Vercel advised affected customers to review their environment variables, make use of the sensitive variable feature, rotate any secrets, inspect logs for anomalous activity, and check for compromised OAuth applications. Vercel engaged external incident response experts and involved law enforcement to assist with the investigation and promised to provide ongoing updates as more information became available. Context.ai confirmed that its own systems had suffered a breach earlier, and both Vercel and Context.ai indicated that the compromise could have wider implications for other organizations using similar third‑party AI tools. Vercel stated that it would continue to investigate the issue, issue further notifications to customers as additional details emerge, and keep the public informed through its security incident page.