Vercel confirms Context.ai Google Workspace breach, attackers seek $2 million ransom
Vercel, the company behind popular web development tools, has confirmed a data breach caused by a hacked Google Workspace account through Context.ai.
While Vercel's customer environment variables stayed encrypted at rest, attackers got access to some internal info and are now claiming in Telegram messages to be in direct contact with Vercel to negotiate a $2 million ransom.
A post using the "ShinyHunters" moniker claimed to sell access/data, but known ShinyHunters-linked actors deny involvement in the incident.
Vercel investigating, customers notified
CEO Guillermo Rauch shared that only a small number of customers were affected and have already been notified.
Vercel is investigating the breach, tightening up security, and asking Google Workspace admins to check for suspicious app activity, just to be safe for the future.