ShinyHunters, the threat group known for shaking down companies and selling stolen data, appears to have breached Vercel. The cloud platform disclosed Sunday that its internal systems were hit, with a "limited subset of customers" affected. Details are thin. Vercel hasn't said which systems were accessed or how many customers are caught up in this.
The company has brought in incident response experts and notified law enforcement. According to Dennis Fisher's reporting at Decipher, ShinyHunters typically demands money from compromised companies and sells stolen data and system access through online forums.
Tech influencer Theo Browne posted that environment variables marked as "sensitive" in Vercel were not compromised, but those without that designation should be rotated. If you're running agentic AI workloads on Vercel and haven't checked your secrets yet, now would be a good time. Browne also suggested the attack method might have hit other companies, naming Linear and GitHub, though those claims remain unverified.
Even if those specific claims don't pan out, the speculation hits a nerve. These platforms are deeply interconnected in how modern software gets built and shipped. A coordinated campaign targeting code hosting, project tracking, and deployment tools would be a supply chain nightmare. Vercel says services remain operational during the investigation, but the lack of specifics about what was accessed is frustrating for customers trying to assess their own exposure.