Vercel hack: attacker sold limited customer credentials for $2M, via Context.ai breach

Cloud hosting firm Vercel confirmed a “limited” hack after a hacking-forum user reportedly put customer information up for sale for $2 million. Vercel said it saw unauthorized access to certain internal systems and that only a limited subset of customers had their Vercel credentials compromised. It contacted those users and recommended immediate credential rotation.

The forum post (by “ShinyHunters” on BreachForums) claimed access keys, source code, database data, and employee accounts with access to internal deployments, and suggested a potential “global supply chain attack.” Vercel did not validate those specific claims, but said the attacker was “highly sophisticated,” citing operational velocity and detailed knowledge.

Vercel CEO Guillermo Rauch said the intrusion likely began when a Vercel employee was compromised through a breach of Context.ai. That enabled the attacker to access the employee’s Google Workspace account and reach some internal systems. Rauch noted Vercel encrypts customer environments, but attackers used non-sensitive environment variables and enumeration to gain further access. Vercel says it deployed protection and monitoring, and it reviewed its supply chain to help ensure Next.js, Turbopack, and open-source projects remain safe.

For traders, the Vercel hack is mainly a cyber-risk signal rather than a direct blockchain protocol threat, but it can still affect sentiment around web3 infrastructure providers if incidents spread.
Neutral
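The Vercel hack is a cybersecurity incident at an infrastructure provider. It may trigger short-term sentiment swings (especially among platform users involved in web3, developer hosting and continuous deployment), but the article shows no direct impact on mainstream public-chain protocols, trade settlement systems or stablecoin mechanisms. The fundamental impact on the market is therefore limited.

Historically, similar supply-chain or credential-leak incidents (such as compromises of developer platforms, CI/CD, cloud hosting or third-party dependencies) have tended to produce two kinds of reaction:

1) **Short term**: risk appetite falls, and related ecosystem tokens or projects that depend on the affected infrastructure may see "news-driven" volatility; traders pay closer attention to whether further lateral movement occurs.
2) **Medium to long term**: if the company completes remediation, rotation and audits and no wider leak emerges, the market usually comes to "price the incident as a one-off operational risk."

The current information emphasizes "limited subset" and "credential rotation/monitoring/supply-chain review," which looks more like a contained risk event, so the expected impact is neutral. Traders are still advised to watch for a secondary leak, more affected customers, or business interruptions related to web3 infrastructure.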