Cloud development platform Vercel has confirmed a security breach incident involving unauthorised access to its internal systems. For those unaware, Vercel is a premier cloud platform for frontend developers, specializing in hosting websites and web applications.The billion-dollar company has published a Security Bulletin, confirming the incident. “We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems,” Vercel said. “We are actively investigating, and we have engaged incident response experts to help investigate and remediate. We have notified law enforcement and will update this page as the investigation progresses”.
Vercel reveals Context.ai, a third-party AI tool used to compromise security
In the bulletin, the cloud platform firm said that the security incident originated with a compromise of Context.ai, a third-party AI tool used by a Vercel employee. The attacker, it said, used that access to take over the employee’s Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as “sensitive.”“Environment variables marked as “sensitive” in Vercel are stored in a manner that prevents them from being read, and we currently do not have evidence that those values were accessed,” the company revealed.Vercel stated that it is working with Mandiant, additional cybersecurity firms, industry peers, and law enforcement. “We have also engaged Context.ai directly to understand the full scope of the underlying compromise,” the company said.
Who is impacted by Vercel data breach
In its bulletin, Vercel said that it has identified a limited subset of customers whose Vercel credentials were compromised. The company has reached out to that subset and recommended an immediate rotation of credentials.“If you have not been contacted, we do not have reason to believe that your Vercel credentials or personal data have been compromised at this time,” it clarified. “We continue to investigate whether and what data was exfiltrated and we will contact customers if we discover further evidence of compromise. We’ve deployed extensive protection measures and monitoring. Our services remain operational,” the company assured.
What should impacted customers do
Vercel recommends impacted users to:
