1. Forum
  2. tqwNet
  3. TQW GENTECH

  • 'We've identified a security incident': Vercel breach confirmed a

    From TechnologyDaily@1337:1/100 to All on Monday, April 20, 2026 11:30:26
    'We've identified a security incident': Vercel breach confirmed after hackers claim stolen data for sale online

    Date:
    Mon, 20 Apr 2026 10:24:46 +0000

    Description:
    Cloud development platform confirms theft of "non-sensitive data" and says customers were already notified.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Vercel confirms cyberattack via compromised Context.ai account Attacker accessed employee Google Workspace, exposed nonsensitive environment data Dark web actor claims ShinyHunters link,
    selling alleged Vercel source code and 580 employee records for $2M Cloud development platform Vercel confirmed suffering a cyberattack and losing non-sensitive customer data. In a new security bulletin published earlier
    this morning, the companys security team said that during the weekend it identified a security incident that involved unauthorized access to certain internal Vercel systems.

    This seems to have been a supply chain attack. Vercel said one of its employees used a third-party AI tool called Context.ai, which seems to have been used as the entry point. The incident originated with a compromise of Context.ai the advisory reads, saying that the attacker used that access to take over that employees Google Workspace account. Through that, they gained access to some Vercel environments and environment variables that were not marked as sensitive. Article continues below You may like Substack data
    breach confirmed: user phone numbers email addresses all stolen in attack, here's what we know Telus Digital confirms breach - hackers allegedly stole 'almost 1 petabyte of data' Healthcare tech firm CareCloud admits data
    breach, says hackers accessed patient info here's what we know ShinyHunters (do not) claim responsibility Vercel did not say how many customers were compromised, or what kind of information it lost. It said it already notified everyone who has been affected, recommending an immediate rotation of credentials.

    We continue to investigate whether and what data was exfiltrated and we will contact customers if we discover further evidence of compromise. Weve
    deployed extensive protection measures and monitoring. Our services remain operational, the notice reads.

    Just one day before sharing this announcement, a new thread surfaced on a
    dark web forum, advertising the sale of sensitive Vercel data, BleepingComputer found.

    Greetings all. Today I am selling Access Key/Source Code/Database from
    Vercel, the ad reads. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
    or sponsors By submitting your information you agree to the Terms &
    Conditions and Privacy Policy and are aged 16 or over.

    The threat actor also shared a text file with Vercel employee information, apparently containing 580 data records with names, email addresses, account statuses, and activity timestamps. They are allegedly asking for $2 million
    in exchange for deleting and not leaking the stolen files.

    It is also interesting that this threat actor claims to be part of the ShinyHunters extortion group, but the group seems to have distanced itself from this incident.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/weve-identified-a-security-incident-ver cel-breach-confirmed-after-hackers-claim-stolen-data-for-sale-online


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)