"A person claiming to be a member of ShinyHunters posted some data online, including employee names, email addresses, and activity time stamps."
"Vercel confirmed in a post on X that a 'security incident' had occurred, impacting a 'limited subset' of its customers."
"Our investigation has revealed that the incident originated from a third-party AI tool whose Google Workspace OAuth app was the subject of a broader compromise."
"Vercel encouraged administrators to review their activity logs for suspicious activity and suggested reviewing and rotating environmental variables."
Vercel confirmed a security incident involving a breach that affected a limited subset of its customers. Hackers, claiming affiliation with ShinyHunters, posted stolen data online, including employee names and email addresses. The breach was traced back to a compromised third-party AI tool, although Vercel did not disclose the specific tool. Vercel advised administrators to review activity logs and rotate environmental variables to mitigate risks. The investigation indicated that the incident could impact hundreds of users across various organizations.
Read at The Verge
Unable to calculate read time
Collection
[
|
...
]