Vercel data leak: CEO confirms internal breach linked to AI tool as hackers claim to sell stolen data for $2 million


Vercel has confirmed a data breach affecting its internal systems and attributed it to an employee's Google Workspace account linked to an AI tool.

Vercel has confirmed a data leak (AI-generated image)

Cloud development platform Vercel has confirmed a data breach that compromised its internal systems. Vercel CEO Guillermo Rauch disclosed details about the data breach in a post on X (formerly Twitter), where he also hinted that AI may have been used to accelerate the attack.

Vercel CEO confirms data breach:

In his X post, Rauch explained that the breach originated when a Vercel employee's Google Workspace account was compromised. He noted that the Vercel employee was using an AI platform called Context.ai, which got breached, and the attackers then used it to compromise the employee's Google Workspace account.

“Through a series of manoeuvres that escalated from our colleague’s compromised Vercel Google Workspace account, the attacker got further access to Vercel environments,” Rauch explained.

Rauch noted that while Vercel stores all customer environment variables fully encrypted at rest, the platform does allow developers to designate certain environment variables as "non-sensitive." The attackers were able to leverage this feature, using enumeration on these “non-sensitive” variables to gain further system access.

“We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI. They moved with surprising velocity and in-depth understanding of Vercel,” he added.

Rauch also noted that a ‘limited’ number of customers were affected by the attack. The company has reached out directly to the customers affected by the breach.

“All of our focus right now is on investigation, communication to customers, enhancement of security measures, and sanitisation of our environments. We’ve deployed extensive protection measures and monitoring. We’ve analysed our supply chain, ensuring Next.js, Turbopack, and our many open-source projects remain safe for our community,” he added.

Following its initial security advisory, Vercel has also updated its bulletin to explicitly advise Google Workspace administrators and account owners to check their systems for a specific compromised OAuth application linked to the third-party AI tool, BleepingComputer reported.
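One way to run that check over an exported OAuth token audit log, as an added example that is not from Vercel's bulletin or this article. It assumes records shaped like Google Workspace token audit activities (actor, events, name/value parameters), uses a placeholder client ID because the article does not give the real one, and runs on constructed sample data.

```python
# Placeholder: the article does not name the OAuth client ID. Take the real
# value from Vercel's bulletin before running this against your own export.
SUSPECT_CLIENT_ID = "PLACEHOLDER-CLIENT-ID"

def rec(time, email, name, client_id, scopes=()):
    """Build one constructed record in the assumed token-audit shape."""
    ps = [{"name": "client_id", "value": client_id},
          {"name": "scope", "multiValue": list(scopes)}]
    return {"id": {"time": time}, "actor": {"email": email},
            "events": [{"name": name, "parameters": ps}]}

GMAIL = "https://www.googleapis.com/auth/gmail.readonly"
DRIVE = "https://www.googleapis.com/auth/drive.readonly"

# Constructed sample export, deliberately out of time order.
SAMPLE_EXPORT = [
    rec("2000-01-07T10:00:00Z", "bob@example.com", "revoke", SUSPECT_CLIENT_ID),
    rec("2000-01-05T09:12:00Z", "alice@example.com", "authorize",
        SUSPECT_CLIENT_ID, [GMAIL, DRIVE]),
    rec("2000-01-06T08:30:00Z", "bob@example.com", "authorize",
        SUSPECT_CLIENT_ID, [DRIVE]),
    rec("2000-01-06T11:45:00Z", "carol@example.com", "authorize",
        "OTHER-APP-ID", [DRIVE]),
]

def params(event):
    """Flatten an event's parameter list; multi-valued entries become lists."""
    return {p["name"]: p.get("multiValue", p.get("value"))
            for p in event.get("parameters", [])}

def find_active_grants(activities, client_id):
    """Map user -> grant details where the latest event for client_id is a grant."""
    active = {}
    # Replay in time order so a later revoke cancels an earlier authorize.
    for act in sorted(activities, key=lambda a: a["id"]["time"]):
        user = act["actor"]["email"]
        for ev in act.get("events", []):
            p = params(ev)
            if p.get("client_id") != client_id:
                continue
            if ev["name"] == "authorize":
                active[user] = {"since": act["id"]["time"],
                                "scopes": sorted(p.get("scope") or [])}
            elif ev["name"] == "revoke":
                active.pop(user, None)
    return active

if __name__ == "__main__":
    for user, grant in find_active_grants(SAMPLE_EXPORT, SUSPECT_CLIENT_ID).items():
        print(user, grant["since"], ", ".join(grant["scopes"]))
```

Users left in the result still have a live grant to the application and are the ones whose tokens need revoking and whose granted scopes show what data was reachable.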

Hackers claim to be selling stolen data:

The disclosure by Vercel comes shortly after a post on a hacking forum, made under the moniker "ShinyHunters", claimed to be selling access to Vercel's internal data.

According to the BleepingComputer report, the hacker claimed to be selling access keys, company source code, database data, and internal deployments, specifically noting the inclusion of GitHub and NPM tokens. As proof of the breach, the attacker shared a text file containing 580 data records of Vercel employee information, including names, email addresses, and account activity timestamps, alongside a screenshot of an internal enterprise dashboard.

The hacking group also claimed in Telegram messages to be in direct contact with Vercel to negotiate a $2 million ransom demand. The report, however, noted that threat actors genuinely linked to the known ShinyHunters extortion gang have denied any involvement in this specific Vercel incident.

About the Author

Aman Gupta

Aman Gupta is a Digital Content Producer at LiveMint with over 3.5 years of experience covering the technology landscape. He specializes in artificial intelligence and consumer technology, reporting on everything from the ethical debates around AI models to shifts in the smartphone market.

His reporting is grounded in first-hand testing, independent analysis, and a focus on how technology impacts everyday users. He holds a PG Diploma in Radio and Television Journalism from the Indian Institute of Mass Communication, Delhi (Class of 2022).

Outside the newsroom, he spends his time reading biographies, hunting for the perfect coffee beans, or planning his next trip.

You can find Aman on LinkedIn (https://www.linkedin.com/in/aman-gupta-894180214) and on X at @nobugsfound (https://x.com/nobugsfound), or reach him via email at aman.gupta@htdigital.in.