A serious data security allegation has surfaced regarding Vercel, a cloud-based hosting platform. According to reports, it is claimed that data from the company’s internal systems was offered for sale on hacker forums.
From wallet connectors to decentralized application interfaces, many crypto and Web3 frontends are being published on Vercel.
According to information shared by a user named Ryan on the social media platform X, someone claiming to be connected to ShinyHunters has offered Vercel’s internal database, access keys, and source code for sale on BreachForums for approximately $2 million. The initial bid was stated to be $500,000 in Bitcoin.
The data allegedly offered for sale contains highly sensitive information such as employee account permissions, API keys, NPM and GitHub tokens. It is stated that this data could be used for “supply chain attacks,” and it is suggested that the shared screenshots may have been taken from Vercel’s internal systems (including Linear and user management panels).
Following these developments, Vercel reportedly contacted the individual via Telegram, requesting that they cease contact with the employees. This indicates that direct communication had taken place between the parties.
In an official statement, the company confirmed that some internal systems had been accessed without authorization. Vercel announced that a crisis response process had been initiated, law enforcement had been informed, and affected customers had been contacted.
*This is not investment advice.