top of page
perceptive_background_267k.jpg

Vercel confirms breach as hackers claim to be selling stolen data

Published:

19 April 2026 at 17:32:45

Alert date:

19 April 2026 at 18:00:39

Source:

bleepingcomputer.com

Click to open the original link from this advisory

Cloud & Virtualization, Data Breach & Exfiltration, Web Technologies

Cloud development platform Vercel disclosed a security incident after threat actors claimed to have breached their systems. Hackers are allegedly attempting to sell stolen data from the breach. This represents a significant security incident affecting a major cloud development platform used by many organizations and developers worldwide.

Technical details

Threat actors gained unauthorized access to certain internal Vercel systems. The attackers claim to be selling access keys, source code, database data, internal deployments, and API keys including NPM tokens and GitHub tokens. A text file containing 580 employee data records with names, Vercel email addresses, account status, and activity timestamps was shared. The attackers also shared screenshots of what appears to be an internal Vercel Enterprise dashboard and claimed they had access to multiple employee accounts with access to several internal deployments.

Mitigation steps:

Review environment variables
Use Vercel's sensitive environment variable feature
Rotate secrets if needed

Affected products:

Vercel cloud platform
Next.js framework

Related links:

https://vercel.com/kb/bulletin/vercel-april-2026-security-incident
https://vercel.com/docs/environment-variables/sensitive-environment-variables

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page