Vercel Breach Traced to Context.ai Third-Party Compromise

Vercel has disclosed that its security breach originated from the compromise of Context.ai, a third-party AI tool used by a Vercel employee. The attacker leveraged that access to take over the employee’s Vercel Google Workspace account, which then enabled unauthorized access to certain internal Vercel systems.

ShinyHunters is claiming responsibility and reportedly attempting to sell stolen data for $2 million; exposed data includes employee names, email addresses, and activity timestamps. Scope of customer data exposure is described as limited but not yet fully quantified.

The incident is a textbook third-party AI tool risk scenario: integrations with access to employee identity or SSO pipelines can become lateral-movement paths into production infrastructure. Organizations should audit which third-party AI tools are connected to employee identity providers and review their access scopes.