Vercel, a cloud platform for frontend developers that hosts and deploys modern web applications, said Monday that attackers accessed internal systems after compromising a third-party AI tool used by an employee, then hijacking that employee’s Google Workspace account.
The company said it has engaged incident response firms, notified law enforcement and is still investigating whether any data was exfiltrated.
“We recently identified a security incident involving unauthorized access to certain internal systems,” Vercel said in its bulletin. “We have contained the incident and are continuing our investigation with leading security experts.”
The breach affected a limited subset of customers whose credentials were exposed. Vercel said it contacted those customers directly and advised them to rotate credentials. Customers who were not contacted are not believed to be impacted, though the investigation is ongoing. Services remain operational.
According to Vercel, the intrusion began with the compromise of Context.ai, a third-party AI platform integrated into the employee’s workflow. Attackers used that access to pivot into Vercel systems and retrieve some environment variables that were not marked as “sensitive.”
Context.ai has not publicly issued a detailed statement on the incident as of publication, but is working with Vercel as part of the response effort.
Vercel said environment variables labeled sensitive are encrypted and not readable, and it has no evidence those values were accessed. The company described the attacker as “highly sophisticated” and said it is working with Mandiant and other partners to investigate.
The company urged customers to audit logs, rotate any exposed secrets, review deployments for anomalies and reset deployment protection tokens. It also published an indicator of compromise tied to a malicious Google Workspace OAuth application and warned the broader campaign may impact hundreds of users across multiple organizations.
