
Vercel Confirms Data Breach Through Third-Party Provider Context.ai with $2 Million Ransom Demand
Vercel confirmed a data breach linked to Context.ai, a third-party service provider, after a hacker listed alleged stolen data for sale at $2 million. The threat actor claimed the compromised data includes internal Vercel systems and customer information, though specifics on the volume or exact nature of the data were not disclosed. ShinyHunters, a known cybercriminal group, publicly denied involvement in the breach and warned of imposters falsely claiming responsibility. No technical details, such as attack vectors or CVE identifiers, were provided in the report. The incident highlights risks associated with third-party integrations in cloud-based development platforms. The breach's timeline and full impact remain unverified by independent sources.