Vercel Confirms Data Breach After Hackers Attempt to Sell Stolen Information
Vercel disclosed a security breach after threat actors attempted to sell stolen data, including customer account information and internal project details, on a hacking forum. The cloud platform is investigating the scope of the incident.

Executive Summary
Cloud development platform Vercel has confirmed a security breach after threat actors posted stolen data for sale on a hacking forum. The company stated it is investigating the incident, which reportedly involves customer account information, project details, and internal data. The breach's full scope and root cause remain under investigation.
Technical Analysis
Vercel's disclosure followed a post on the BreachForums hacking forum where a threat actor, using the alias 'overtime,' advertised the sale of a Vercel database. The seller claimed the data included 5,300 customer records containing names, emails, phone numbers, and account types. Additionally, the listing referenced internal project information, billing details, and support tickets. According to BleepingComputer, Vercel's investigation is ongoing and aims to verify these claims and determine the extent of the intrusion. The company has not confirmed the specific data types or the volume of data allegedly exfiltrated. The initial forum post has since been removed, but screenshots circulated prior to its deletion.
Threat Actor Context
The threat actor used the alias 'overtime' on the BreachForums platform to advertise the stolen Vercel data. The actor's motivation appears to be financial: the data was offered for sale for an undisclosed sum. There is no attribution to a known advanced persistent threat (APT) group or malware operation in the available sources. The legitimacy of the actor's claims and the provenance of the data are key points of Vercel's active investigation.
Mitigations & Recommendations
Vercel has not released specific mitigation steps for customers. Based on the nature of the claimed breach, users of the platform should:
- Monitor account and project environments for unauthorized changes.
- Enable multi-factor authentication (MFA) on Vercel and linked accounts if not already active.
- Be vigilant for targeted phishing attempts that may leverage stolen personal or project information.
- Follow official Vercel communications for further guidance as the investigation concludes.
