Vercel Security Breach: Hacker Demands $2M as Crypto Projects Scramble to Secure Keys
Vercel, a web hosting provider, suffered a cybersecurity incident due to a compromised employee account, potentially exposing sensitive credentials of its clients, including Web3 platforms. The attackers demanded a $2 million ransom for the alleged data on the BreachForums cybercrime marketplace.
Vercel, a prominent web hosting and infrastructure provider, acknowledged a cybersecurity incident following unauthorized intrusion into its internal network. The attack originated through a compromised employee account that was accessed via Context.ai, an external AI application. The intruders potentially accessed non-sensitive environment variables, prompting Vercel's CEO to advise customers to refresh their credentials. Web3 platforms using Vercel's services, such as Orca, a Solana-based exchange, proactively refreshed their deployment keys. A listing on BreachForums attributed to ShinyHunters advertised purported Vercel data for $2 million, although the claims remain unconfirmed. Vercel is collaborating with Google's Mandiant cybersecurity division on the investigation.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.