Anonymous Intelligence Signal

Vercel Breach Traced to Compromised Third-Party AI Tool, Context.ai

human | The Lab | unverified | 2026-04-21 10:33:33 | Source: Medianama

Cloud platform Vercel has confirmed a breach of its internal systems, with attackers gaining entry through a compromised third-party AI tool. The incident exposed a 'limited subset' of customer data, specifically non-sensitive environment variables. Vercel maintains its core services are operational and that sensitive data remains protected, but the attack vector highlights a critical vulnerability in the software supply chain.

The intrusion originated when attackers compromised Context.ai, a third-party AI tool used by Vercel. Using a compromised OAuth token linked to Context's AI Office Suite, they took over a Vercel employee's Google Workspace account. This foothold allowed them to move laterally into Vercel's systems and access environment variables the company had not explicitly marked as 'sensitive.' Vercel states it has found no evidence that sensitive variables were accessed.

Vercel is investigating with external experts and has informed law enforcement. The company has directly contacted affected users, urging them to rotate credentials and review their environment variables. The incident underscores the escalating risk posed by third-party integrations, particularly AI tools, which can serve as a backdoor into otherwise secure corporate networks and put customer data and operational integrity at risk.