The Wild Story Behind Vercel's Hack + $2M Ransom

Vercel suffered a major security breach after an employee granted extensive Google Workspace permissions to a third-party AI app that had previously been compromised, allowing hackers to access sensitive data and demand a $2 million ransom. The incident highlights the critical need for careful management of app permissions and immediate rotation of non-sensitive keys to safeguard cloud environments against interconnected vulnerabilities.

Vercel, a popular serverless hosting provider used by major companies like Uber, Twilio, and Stripe, recently experienced a significant security breach. The incident began when a Vercel employee downloaded an app called AI Office Suite, developed by Context AI, which allowed users to create presentations and documents using AI agents. During the login process, the employee granted extensive permissions via their Google account, inadvertently giving Context AI access to Vercel’s entire Google Workspace suite.

The situation worsened because Context AI had itself suffered a security breach in March 2026, in which hackers accessed its AWS environments. That earlier compromise allowed attackers to move laterally from Context AI to Vercel, gaining access to sensitive information. A hacker claiming affiliation with the notorious ShinyHunters group posted on breach forums, stating they had obtained access keys, source code, internal deployments, API keys, and data on 580 Vercel employees. They demanded a $2 million ransom for the stolen data, although the real ShinyHunters group denied any involvement, suggesting the hacker might be an impersonator.

Two critical security lessons emerge from this incident. First, Vercel gave assurances that environment keys marked as sensitive are encrypted and remain secure. All other keys, however, should be considered compromised and need to be rotated immediately. In response, the team managing client applications hosted on Vercel promptly rotated all non-sensitive keys to mitigate potential damage. This highlights the importance of marking keys as sensitive wherever possible.

Second, the breach underscores the risks associated with third-party applications and the permissions granted during login processes. Users must exercise caution when signing into apps using Google or other single sign-on services, carefully reviewing the permissions requested. The proliferation of AI-powered and other third-party apps increases the attack surface, making it essential to maintain vigilance and limit access to only what is necessary.
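The permission review described above can be run across a whole Workspace rather than one consent screen at a time. The following is an added example, not code from Vercel or Context AI: it triages OAuth grants by the scopes they hold. The field names (userKey, clientId, displayText, scopes) follow the Admin SDK Directory API token resource; the users, client IDs and app names are constructed, and the choice of which scopes count as broad is an assumption of this example.

```python
# Added example: triage third-party OAuth grants by the Workspace scopes they hold.
import json

# Assumption of this example: scopes treated as broad (whole mailbox, Drive, calendar, directory).
BROAD_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/calendar",
    "https://www.googleapis.com/auth/admin.directory.user",
}
# Sign-in-only scopes: identity claims, no Workspace data.
IDENTITY_SCOPES = {
    "openid", "email", "profile",
    "https://www.googleapis.com/auth/userinfo.email",
    "https://www.googleapis.com/auth/userinfo.profile",
}

# Constructed sample, shaped like token records exported from the Directory API.
SAMPLE_GRANTS = json.loads("""[
 {"userKey": "alice@example.com", "clientId": "111.apps.example", "displayText": "Example AI Docs",
  "scopes": ["openid", "email", "https://www.googleapis.com/auth/drive", "https://mail.google.com/"]},
 {"userKey": "bob@example.com", "clientId": "222.apps.example", "displayText": "Example Notes",
  "scopes": ["openid", "https://www.googleapis.com/auth/drive.file"]},
 {"userKey": "carol@example.com", "clientId": "333.apps.example", "displayText": "Example SSO Only",
  "scopes": ["openid", "email", "profile"]}
]""")

def classify(grant):
    """Return (verdict, scopes that drove the verdict) for one grant."""
    scopes = set(grant.get("scopes", []))
    broad = sorted(scopes & BROAD_SCOPES)
    if broad:
        return "revoke-or-justify", broad
    other = sorted(scopes - IDENTITY_SCOPES)  # data access, but narrower than the broad set
    return ("review", other) if other else ("ok", [])

def audit(grants):
    """Classify every grant and list the riskiest first."""
    rank = {"revoke-or-justify": 0, "review": 1, "ok": 2}
    rows = [(*classify(g), g["userKey"], g["displayText"]) for g in grants]
    return sorted(rows, key=lambda r: (rank[r[0]], r[2]))

if __name__ == "__main__":
    for verdict, scopes, user, app in audit(SAMPLE_GRANTS):
        print(f"{verdict:18} {user:20} {app:18} {', '.join(scopes) or '-'}")
```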

Overall, the Vercel hack serves as a stark reminder of the interconnected nature of modern cloud services and the importance of robust security practices. Companies and individuals alike should prioritize key management, scrutinize app permissions, and stay informed about potential vulnerabilities to protect their data and infrastructure from similar attacks.