InvestMarketplaceEquityNews
Vercel systems breached via third-party AI tool, hackers offer data for $2 million - CNBC TV18
Market Updates

Vercel systems breached via third-party AI tool, hackers offer data for $2 million - CNBC TV18

cnbctv18.com3d ago

A post on X (formerly Twitter) has surfaced linking ShinyHunters, known for past high-profile breaches, to the Vercel incident.A security breach at cloud development platform Vercel has raised concerns after the company confirmed that parts of its systems were accessed by an attacker through a compromised third-party tool.

The incident traces back to Context.ai, an artificial intelligence platform used by a Vercel employee. According to the company's internal bulletin, "The attacker used that access to take over the employee's Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as 'sensitive'."

Vercel clarified that variables marked as 'sensitive' are stored in a way that prevents them from being read directly, but the company "currently do not have evidence that those values were accessed."

While not confirmed, a post on X (formerly Twitter) has surfaced linking ShinyHunters, known for past high-profile breaches, to the Vercel incident. The group was earlier associated with an attack on Rockstar Games, and is now being mentioned as a possible actor here as well.

ALSO READ | Iran-linked hackers breach FBI director's personal email, publish excerpts online

The attackers are attempting to sell the allegedly stolen data online for around $2 million.

At the same time, Vercel has described the attacker as 'highly sophisticated' based on their operational velocity and detailed understanding its internal systems.

In terms of impact, Vercel stated that only a limited subset of customers appears to have been affected, whose credentials were potentially compromised.

"We reached out to that subset and recommended an immediate rotation of credentials," the company added.

Addressing the situation publicly, CEO Guillermo Rauch said the company has taken several steps to strengthen its security posture and added, "We've analySed our supply chain, ensuring Next.js, Turbopack, and our many open- source projects remain safe for our community."

"We've already rolled out new capabilities in the dashboard, including an overview page of environment variables, and a better user interface for sensitive env var creation and management. As always, I'm totally open to your feedback," he further wrote.

To handle the investigation, Vercel is working closely with multiple cybersecurity experts, including Mandiant, along with other industry partners and law enforcement agencies. It has also directly engaged Context.ai "to understand the full scope of the underlying compromise."

Originally published by cnbctv18.com

Read original source →
Vercel