Vercel says some of its customers' data was stolen prior to its recent hack

TLDR

  • Vercel found a second, earlier compromise of customer accounts separate from its April breach, with data stolen before that incident.

Key Facts

  • Vercel’s April breach began after an employee downloaded an app from startup Context AI, which hackers used to access Vercel’s internal systems.
  • Expanding its investigation, Vercel found additional accounts compromised prior to April, possibly via social engineering, malware, or other methods.
  • CEO Guillermo Rauch pointed to infostealer malware as a likely vector, targeting tokens and API keys stored on victim machines.
  • Hackers accessed some internal systems containing unencrypted customer credentials; Vercel has not disclosed how many customers are affected.

Why It Matters

  • The breach appears larger in scope and longer in duration than initially disclosed, with Vercel and Context AI both warning more victims may emerge.
  • Unencrypted customer credentials being accessible inside Vercel’s internal systems raises questions about credential storage practices.

Zack Whittaker, TechCrunch · 2026-04-23