Vercel confirms breach after $2M ransom claim

Vercel says attackers accessed parts of its infrastructure after a third‑party AI tool’s Google Workspace OAuth app was compromised; a forum post offered internal data for $2 million.
Vercel confirmed attackers gained unauthorized access to parts of its internal infrastructure after a third‑party AI tool’s Google Workspace OAuth app was compromised. A seller on a cybercrime forum posted an offer to sell what they claimed was Vercel’s internal data for $2 million.

Vercel reported that it has engaged outside incident responders and notified law enforcement. The company indicated only a limited subset of customers was affected and that impacted customers are being contacted directly. Vercel’s platform remains operational while the investigation continues. In the bulletin the company wrote, “Our investigation has revealed that the incident originated from a third‑party AI tool whose Google Workspace OAuth app was the subject of a broader compromise, potentially affecting hundreds of its users across many organizations.”
The forum post included listings for access keys, source code, database records and internal deployment credentials, including NPM and GitHub tokens. A proof sample attached to the post reportedly contained about 580 employee records with names, company email addresses, account statuses and activity timestamps, plus an internal dashboard screenshot. Vercel has not independently verified the materials shared by the forum poster.

Vercel advised customers to review environment variables and to use the platform’s sensitive variable setting for secrets. Independent developer sources tracking the incident reported that internal integrations for tools such as Linear and GitHub were among the most affected. Those observers recommended rotating any environment variables that are not explicitly flagged as sensitive.
The incident has potential implications for projects that host front ends on Vercel. Teams that store private RPC endpoints, third‑party API keys or wallet-related secrets in plain environment variables for front‑end deployments should assume those values may be exposed and rotate them. A compromise at the hosting or deployment layer can allow attackers to modify build output, a risk not detected by domain or DNS monitoring alone.
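One way to turn the rotation advice above into a worklist is sketched below. It is an added example, not code from Vercel or from this article. The inventory is constructed, and its record shape (`key`, `type`, `target`), the non-sensitive type values and the name patterns are assumptions for illustration.

```python
import json
import re

# Constructed sample inventory. The record shape (key/type/target) and the
# type values other than "sensitive" are assumptions for illustration.
INVENTORY = json.loads("""[
 {"key": "DATABASE_URL",      "type": "sensitive", "target": ["production"]},
 {"key": "RPC_URL_PRIVATE",   "type": "encrypted", "target": ["production", "preview"]},
 {"key": "GITHUB_TOKEN",      "type": "plain",     "target": ["preview"]},
 {"key": "NPM_TOKEN",         "type": "encrypted", "target": ["production"]},
 {"key": "WALLET_SIGNER_KEY", "type": "sensitive", "target": ["production"]},
 {"key": "LOG_LEVEL",         "type": "plain",     "target": ["development"]}
]""")

# Name fragments that suggest a credential; tune these for your own naming scheme.
SECRET_HINT = re.compile(
    r"TOKEN|SECRET|KEY|PASSW|RPC|WALLET|DATABASE|DSN|PRIVATE|AUTH", re.I
)

def rotation_plan(inventory):
    """Order every variable NOT flagged sensitive by rotation urgency.

    Priority 1: credential-like name deployed to production
    Priority 2: credential-like name in other environments only
    Priority 3: anything else not flagged sensitive (inspect the value by hand)
    """
    plan = []
    for var in inventory:
        if var.get("type") == "sensitive":
            continue  # explicitly flagged sensitive; not part of this worklist
        key = var["key"]
        targets = var.get("target") or []
        if SECRET_HINT.search(key):
            priority = 1 if "production" in targets else 2
        else:
            priority = 3
        plan.append((priority, key, ",".join(targets)))
    return sorted(plan)  # sorts by priority, then by variable name

if __name__ == "__main__":
    for priority, key, targets in rotation_plan(INVENTORY):
        print(f"P{priority}  {key:<18} [{targets}]")
```

Name matching only sets the order of work; priority 3 entries still need a manual look, because a credential can sit behind an innocuous variable name.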
Attribution for the intrusion remains unsettled. Individuals tied to known extortion groups have denied involvement, while the forum poster claimed to have contacted Vercel and demanded $2 million; the company has not confirmed any negotiations. Vercel said it will update its security bulletin as new information becomes available. As of the company’s announcement, no major crypto projects had publicly confirmed being contacted about exposure related to the incident.







