"The breach started with an external product called Context.ai, a cloud platform that uses artificial intelligence to automate business tasks, which was compromised by a hacker."
"The compromised account gave the threat actor access to some customers' environment variables, which can include sensitive information like database passwords or encryption keys."
"Vercel enables customers to secure secrets using a feature called sensitive environment variables, but the breach only compromised data points that didn't have this feature enabled."
"The data trove stolen from Vercel reportedly included information about hundreds of employees and a number of application programming interface keys, some associated with GitHub repositories."
Vercel disclosed a security breach linked to Context.ai, an external AI product. A hacker accessed a Vercel staffer's Google Workspace account, leading to exposure of some customers' environment variables. The breach affected data points without sensitive environment variables enabled, suggesting limited importance. Vercel estimates the number of affected customers is small, but other Context.ai users may also be impacted. Stolen data included information about hundreds of employees and API keys, some associated with GitHub repositories.
Read at SiliconANGLE
Unable to calculate read time
Collection
[
|
...
]