Vercel, a prominent provider of web development and hosting infrastructure, disclosed a security breach on April 20, 2026, that resulted in unauthorized access to internal systems and a limited subset of customer credentials. The company traced the origin of the incident to a compromise of Context.ai, a third-party artificial intelligence analytics tool. According to official bulletins from Vercel and security researchers, the breach was facilitated by a supply chain escalation that began with an infostealer infection at the third-party vendor.
The technical attack chain involved the compromise of a Vercel employee’s enterprise Google Workspace account. The employee had previously authorized Context.ai’s Google Workspace OAuth application with broad permissions. Forensic evidence suggests that a Context.ai employee was infected with Lumma Stealer in February 2026, which allowed threat actors to hijack Context.ai’s OAuth infrastructure. By leveraging this upstream access, the attackers inherited the permissions granted by the Vercel employee, enabling lateral movement into Vercel’s internal environments.
Vercel reported that the attackers were able to enumerate and extract environment variables that were not marked as sensitive within the Vercel dashboard. While variables designated as sensitive are stored with encryption that prevents them from being read by internal administrative tools, non-sensitive variables—which often include database URIs, API keys, and webhook tokens—were exposed. Vercel’s security team characterized the threat actor as highly sophisticated, noting their rapid operational velocity and deep understanding of Vercel’s internal architecture.
In the wake of the disclosure, a threat actor operating under the alias ShinyHunters claimed responsibility for the attack, purportedly offering a stolen Vercel database for sale on BreachForums for two million dollars. Vercel has not confirmed the validity of this specific claim but has acknowledged that a limited subset of customers had their credentials compromised. The company has directly contacted these users, advising them to rotate all secrets and environment variables immediately.
Vercel is currently working with the cybersecurity firm Mandiant and law enforcement to investigate the full extent of the exfiltration. As a primary mitigation step, Vercel advised Google Workspace administrators to audit their environments for a specific OAuth application ID: 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com. The company also emphasized that its core Edge Network and production hosting services remain operational and were not directly impacted by the breach. The incident has prompted Vercel to recommend that all developers utilize the sensitive environment variables feature to ensure that secret values remain encrypted and unreadable even in the event of an administrative account compromise.
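
The audit Vercel recommends can be run offline over an export of Google Workspace OAuth token activity. The following is an added example, not code from Vercel, Google or Context.ai: it assumes the export follows the Admin SDK Reports API token-activity layout (`authorize` and `revoke` events carrying `client_id` and `scope` parameters), and the users, timestamps and scopes in the sample are constructed.

```python
import json

# OAuth client ID from Vercel's advisory, as quoted in the article above.
IOC_CLIENT_ID = "110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com"

# Constructed sample shaped like a token-activity export (users, times, scopes are made up).
def _ev(time, user, name, client, scopes):
    return {"id": {"time": time}, "actor": {"email": user}, "events": [{"name": name,
            "parameters": [{"name": "client_id", "value": client},
                           {"name": "scope", "multiValue": scopes}]}]}

SAMPLE = {"items": [
    _ev("2026-03-02T09:00:00Z", "bob@example.com", "revoke", IOC_CLIENT_ID, []),
    _ev("2026-01-10T14:30:00Z", "alice@example.com", "authorize", IOC_CLIENT_ID,
        ["https://www.googleapis.com/auth/drive.readonly", "openid"]),
    _ev("2026-01-12T08:15:00Z", "bob@example.com", "authorize", IOC_CLIENT_ID, ["openid"]),
    _ev("2026-01-15T11:00:00Z", "carol@example.com", "authorize",
        "000000000000-constructed.apps.googleusercontent.com", ["openid"]),
]}

def params(event):
    """Flatten a parameter list into {name: value-or-list}."""
    return {p.get("name"): p.get("multiValue", p.get("value"))
            for p in event.get("parameters", [])}

def audit(activities, client_id=IOC_CLIENT_ID):
    """Per user: scopes ever granted to client_id and whether the last event left a grant live."""
    state = {}
    # RFC 3339 UTC timestamps in one format sort correctly as strings.
    for act in sorted(activities.get("items", []), key=lambda a: a["id"]["time"]):
        user = act.get("actor", {}).get("email", "<unknown>")
        for ev in act.get("events", []):
            p = params(ev)
            if str(p.get("client_id", "")).strip().lower() != client_id.lower():
                continue
            rec = state.setdefault(user, {"scopes": set(), "active": False, "last": None})
            rec["last"] = act["id"]["time"]
            if ev.get("name") == "authorize":
                scopes = p.get("scope") or []
                rec["scopes"].update([scopes] if isinstance(scopes, str) else scopes)
                rec["active"] = True
            elif ev.get("name") == "revoke":
                rec["active"] = False
    return state

if __name__ == "__main__":
    for user, rec in sorted(audit(SAMPLE).items()):
        print(json.dumps({"user": user, **rec, "scopes": sorted(rec["scopes"])}))
```

A grant made before the start of the exported window will not appear, so an empty result only covers the period the export spans.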