Vercel confirmed a security incident after attackers accessed parts of its internal systems via a compromised third-party AI tool. The breach led to exposure of some environment variables and included some employee data, though Vercel says its wider supply chain was not affected. Users are now urged to rotate credentials and enable multi-factor authentication to reduce risk.
Vercel says it has evidence that some customer data and accounts were compromised before its recent, widely reported incident. After expanding an investigation tied to an early-April breach, the company identified a second wave of unauthorized access affecting customer accounts. Vercel’s findings raise new questions about when the intrusion began and how much data may have been exposed.
Your news, in seconds
Get the Beige app — every story in 60 words, updated hourly. Free on iOS & Android.
Swipe through stories, personalise your feed, and save articles for later — all on the app.
