Vercel says some of its customers’ data was stolen prior to its recent hack

Vercel disclosed that attackers accessed customer data after compromising an employee account through an app from Context AI; investigation expanded to reveal earlier, independent compromises likely caused by infostealer malware that harvested tokens/keys. The attackers used stolen credentials to access internal systems and customer data (some unencrypted), and Vercel warned the breach may be broader and longer-running than initially reported, with more affected customers possible.