Vercel, a widely used platform for hosting and deploying web applications, has confirmed a security incident after hackers claimed they were trying to sell stolen data.
An individual identifying as part of the ShinyHunters group, known for its involvement in the Rockstar Games breach, shared samples of the data online. The leaked information reportedly included employee names, email addresses, and activity timestamps.
The company acknowledged the issue in a post on X, stating that the incident affected only a limited subset of its customers. Vercel explained that the breach did not originate from its own systems directly but was linked to a compromised third-party AI tool. However, it did not reveal the name of the external service involved.
We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin:https://t.co/0S939n3qHC
— Vercel (@vercel) April 19, 2026
Following the discovery, Vercel advised administrators to carefully review their activity logs for any unusual or unauthorized actions. It also recommended rotating environment variables as a precaution, especially in case sensitive data like API keys or access tokens may have been exposed during the incident.
In its security update, Vercel shared that the root cause was tied to a third-party AI tool whose Google Workspace OAuth app had been compromised as part of a larger attack. This broader issue could potentially impact hundreds of users across different organizations.
To support ongoing investigations, the company said it has released indicators of compromise to help identify any suspicious activity. It also urged Google Workspace administrators and account owners to immediately check whether this affected app had been used within their environments.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
