Vercel Cyber Attack Exposes Data: What You Need to Know
Vercel Confirms Sophisticated Cyberattack, Warns Customers of Potential Exposure
Vercel, a US-based web platform, has confirmed a recent cyberattack incident, where an unauthorized attacker gained access to internal environments through an employee’s use of the third-party tool Context.ai.
Attack Method and Consequences
- The breach occurred when the employee granted OAuth access to Context.ai, allowing the attacker to access the Vercel Google Workspace account and gain access to certain internal environments and non-sensitive environment variables stored on the company’s systems.
- The attack highlights the risks associated with third-party integrations and the importance of maintaining visibility into these connections, according to security expert Cory Michal, Chief Information Security Officer at AppOmni.
- Once a user authorizes one app, the trust established can extend into various systems, including identity, CRM, development, and others, creating a potential pivot point for attackers, Michal explained.
Vercel’s Response and Recommendations
- Vercel has contacted a limited subset of customers whose non-sensitive environment variables were compromised.
- The company has recommended several measures to tighten security controls, including:
- Enabling multi-factor authentication
- Reviewing and rotating environmental variables
- Using the sensitive environmental variable feature to protect secret values
According to Vercel, its core packages, including Next.js, remain safe, and t
About Author
English