Developer tooling provider Vercel discloses breach that exposed some users' data - SiliconANGLE


SiliconANGLE, 3d ago

Developer tooling provider Vercel discloses breach that exposed some users' data

A hacker has stolen a limited amount of customer data from Vercel Inc., a major developer tooling provider.

The company disclosed the incident late Sunday.

Vercel, which received a $9.3 billion valuation last year, provides tools that help developers build web applications. It also operates cloud infrastructure that can be used to host those applications. Vercel's product suite is built around Next.js, the company's open-source React framework, which runs on Node.js, the popular open-source JavaScript runtime.

The company stated in a security bulletin that the breach started with an external product called Context.ai. It's a cloud platform that uses artificial intelligence to automate business tasks. Notably, it can be integrated with third-party services such as Google Workspace. According to the security bulletin, a hacker compromised Context.ai and used it to log into a Vercel staffer's Google Workspace account.

The compromised account gave the threat actor access to some customers' environment variables. In Vercel deployments, an environment variable is a named key-value pair that is injected into a project's build and runtime, typically scoped to the production, preview or development environment. Its value is frequently a secret such as a database connection string, an API token or an encryption key.

Vercel enables customers to protect secrets using a feature called sensitive environment variables: once a variable is marked sensitive, its value can be used by deployments but can no longer be read back through the dashboard or API. According to the company, the breach only exposed variables that didn't have the feature enabled. That could mean the exposed values weren't particularly important, which would limit the impact of the breach. However, sensitive is an opt-in setting rather than the default, so it's equally possible that affected users stored real credentials as ordinary variables and simply never enabled it.

Vercel estimates that the number of customers affected by the breach is "quite limited." However, the company noted that other users of Context.ai may also be affected.

"Hudson Rock has evidence linking the Context AI breach to an infostealing malware, pinpointing a likely entry point for patient zero," said Aaron Walton, a senior threat intelligence analyst at venture-backed cybersecurity company Expel Inc. "Infostealers have emerged as one of the more consequential threats facing businesses today."

The data trove stolen from Vercel reportedly included information about hundreds of employees. The attacker also gained access to a number of application programming interface keys, which serve a similar role to passwords. Some of those API keys are reportedly associated with GitHub repositories.

Vercel employees maintain the GitHub repository for Next.js, the open-source framework that powers the company's product portfolio, along with other open-source projects such as Turbopack. Write access to widely used open-source projects can enable hackers to launch supply chain attacks, since a malicious commit or release would be pulled in by every developer who depends on the project.

In a post on X, Vercel Chief Executive Officer Guillermo Rauch reassured users that "we've analyzed our supply chain, ensuring Next.js, Turbopack, and our many open source projects remain safe for our community." He added that the company has hired Google LLC's Mandiant cybersecurity services business to help it investigate the incident.

Vercel is advising customers to rotate their non-sensitive environment variables. Re-entering the same values is not enough: the underlying credential (the database password, the GitHub token, the cloud access key) must be revoked and reissued at the service that issued it, then stored in Vercel again, ideally as a sensitive variable. Additionally, the company is recommending that administrators review activity logs for potential signs of malicious activity. As part of its response to the breach, Vercel has rolled out a dashboard that will make it easier for customers to manage and monitor environment variables.
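The triage the advice above implies, as an added example that is not part of the original article and not Vercel's own tooling: given an inventory of a project's environment variables, separate the ones already marked sensitive from readable ones whose name or value marks them as credentials, and emit a rotation checklist. The record shape (`key`, `value`, `type`, `target`, with `type: "sensitive"` meaning the value cannot be read back) is an assumption modelled on how such an inventory is typically exported; the inventory itself is constructed and every value in it is fake.

```javascript
// Added example, not code from Vercel or SiliconANGLE.
// Assumption: each record looks like {key, value, type, target[]}, where
// type "sensitive" marks a variable whose value is write-only (the feature
// discussed above) and any other type is readable in plaintext by anyone
// who can reach the project's settings.
// Constructed sample inventory; every value below is fake.
const SAMPLE_ENVS = [
  { key: "DATABASE_URL", value: "postgres://app:hunter2@db.internal:5432/app", type: "encrypted", target: ["production"] },
  { key: "GITHUB_TOKEN", value: "ghp_0123456789abcdef0123456789abcdef0123", type: "encrypted", target: ["production", "preview"] },
  { key: "AWS_ACCESS_KEY_ID", value: "AKIAEXAMPLEEXAMPLE01", type: "plain", target: ["production"] },
  { key: "STRIPE_SECRET_KEY", value: null, type: "sensitive", target: ["production"] },
  { key: "NEXT_PUBLIC_MAPS_API_KEY", value: "maps-key-not-real", type: "plain", target: ["production", "preview"] },
  { key: "NEXT_PUBLIC_API_BASE", value: "https://api.example.com", type: "plain", target: ["production", "preview", "development"] },
  { key: "FEATURE_FLAGS", value: "beta-checkout,new-nav", type: "plain", target: ["preview"] },
];

// Names that conventionally carry credentials.
const SECRET_NAME = /(SECRET|TOKEN|PASSW(OR)?D|PRIVATE_KEY|API_KEY|ACCESS_KEY|CREDENTIAL|DSN)/i;

// Value shapes that are credentials regardless of what the variable is called:
// GitHub token prefixes, AWS access key IDs, and URLs with an embedded password.
const SECRET_VALUE = [
  /^gh[pousr]_[A-Za-z0-9]{20,}/,             // GitHub personal/OAuth/app tokens
  /^AKIA[0-9A-Z]{16}$/,                      // AWS long-lived access key ID
  /^[a-z][a-z0-9+.-]*:\/\/[^/:@]+:[^@]+@/i,  // scheme://user:password@host
];

// Classify one variable. NEXT_PUBLIC_ variables are inlined into the browser
// bundle by Next.js, so a credential there is exposed to every visitor, not
// just to whoever read the project settings; it gets its own bucket.
function classify(env) {
  if (env.type === "sensitive") return "alreadySensitive";
  const byName = SECRET_NAME.test(env.key);
  const byValue = typeof env.value === "string" && SECRET_VALUE.some((re) => re.test(env.value));
  if (!byName && !byValue) return "nonSecret";
  return env.key.startsWith("NEXT_PUBLIC_") ? "exposedToBrowser" : "rotate";
}

// Group variable names by what needs to happen to them.
function triage(envs) {
  const report = { rotate: [], alreadySensitive: [], exposedToBrowser: [], nonSecret: [] };
  for (const env of envs) report[classify(env)].push(env.key);
  return report;
}

// One checklist line per readable credential: revoke at the issuer first,
// then store the replacement as a sensitive variable for the same targets.
function rotationChecklist(envs) {
  return envs
    .filter((env) => classify(env) === "rotate")
    .map((env) => `${env.key} [${env.target.join(", ")}]: revoke and reissue at the issuing service, then re-add as sensitive`);
}

console.log(JSON.stringify(triage(SAMPLE_ENVS), null, 2));
for (const line of rotationChecklist(SAMPLE_ENVS)) console.log(line);
```

The name and value patterns are deliberately narrow so that the rotate list contains only variables a practitioner would act on without a second look; anything the heuristics miss still has to be reviewed by hand, and a variable that was readable at the time of the compromise should be treated as disclosed whether or not it appears in the list.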

Originally published by SiliconANGLE
