
Vercel’s Data Breach Runs Deeper Than Anyone Expected

Vercel just confirmed what many feared. The breach isn’t limited to a single incident — and customer data was already being stolen before anyone even noticed something was wrong.

App and website hosting giant Vercel dropped a significant update to its security incident page on Thursday, April 23. The company revealed evidence of malicious activity on its network that predates the early-April breach it previously disclosed. In short, hackers had been active inside Vercel’s systems longer than the company initially realized.

That’s a much bigger problem than a simple one-time hack.

Prior Customer Accounts Were Already Compromised


Vercel’s updated statement doesn’t sugarcoat things. The company found “a small number of customer accounts with evidence of prior compromise that is independent of and predates this incident, potentially as a result of social engineering, malware, or other methods.”

So these weren’t caught up in the April breach. They were already hit before that breach even started.

Vercel also confirmed additional customer accounts were compromised during the April incident itself, though it hasn’t released specific numbers. The company says it has notified affected customers so far. That qualifier — “so far” — suggests the investigation is still very much ongoing.

The Infostealer Malware Connection

The original story started with a Vercel employee downloading an app made by software startup Context AI. Hackers had already compromised Context AI, and they used that access to hijack the employee’s work account and pivot into Vercel’s systems.

But Vercel CEO Guillermo Rauch has since pointed to something broader. In a post on X, he confirmed that the hackers involved have been active “beyond that startup’s compromise,” suggesting this group had multiple entry points and wasn’t just riding one compromised vendor.

Rauch pointed specifically to infostealer malware as a likely culprit. Infostealers are nasty pieces of software that disguise themselves as legitimate programs. Once installed on a victim’s machine, they quietly scoop up stored passwords, private keys, authentication tokens, and other sensitive credentials — then upload everything to the attackers.

Think of it like a digital pickpocket that cleans out your entire wallet while you’re focused on something else entirely.


What the Hackers Actually Did With That Access

Once inside, the attackers moved fast and methodically. Rauch described a “repeated pattern: rapid and comprehensive API usage, with a focus on enumeration of non-sensitive environment variables.”

Essentially, the hackers mapped out Vercel’s systems quickly after gaining access. They used the hijacked employee account to reach internal systems, including customer credentials that, critically, were not encrypted.

That’s a serious problem. Unencrypted credentials are immediately useful to an attacker. There’s no additional cracking required.
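The pattern Rauch describes, a token that suddenly lists environment variables across many projects in a short burst, is something a platform or tenant can hunt for in API audit logs. The script below is an added example, not code from the article or from Vercel; the JSON-lines log schema (`ts`, `actor`, `action`, `project`), the action names and the sample events are all constructed for illustration, and the thresholds (five enumeration calls touching four or more projects within five minutes) are assumptions to tune against your own baseline.

```python
"""Flag rapid environment-variable enumeration in API audit logs.

Constructed example: the log schema, action names and thresholds below are
assumptions for illustration, not Vercel's actual audit log format.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample audit events (assumed schema: ts, actor, action, project).
# "alice" is ordinary developer activity; "svc-token-7f3a" sweeps every project.
SAMPLE_LOG = """\
{"ts": "2026-04-02T09:00:01Z", "actor": "alice", "action": "env.list", "project": "web"}
{"ts": "2026-04-02T09:41:10Z", "actor": "alice", "action": "deploy.create", "project": "web"}
{"ts": "2026-04-02T13:15:00Z", "actor": "svc-token-7f3a", "action": "project.list", "project": "-"}
{"ts": "2026-04-02T13:15:02Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "web"}
{"ts": "2026-04-02T13:15:03Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "api"}
{"ts": "2026-04-02T13:15:03Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "docs"}
{"ts": "2026-04-02T13:15:04Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "admin"}
{"ts": "2026-04-02T13:15:05Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "billing"}
{"ts": "2026-04-02T13:15:06Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "staging"}
{"ts": "2026-04-02T13:15:07Z", "actor": "svc-token-7f3a", "action": "env.list", "project": "marketing"}
"""

# Actions that read configuration rather than change it (assumed names).
ENUM_ACTIONS = {"env.list", "project.list"}


def parse_events(text):
    """Parse JSON-lines audit events and return them sorted by timestamp."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(
            tzinfo=timezone.utc
        )
        events.append(ev)
    events.sort(key=lambda e: e["ts"])
    return events


def find_enumeration_bursts(events, window=timedelta(minutes=5),
                            min_calls=5, min_projects=4):
    """Return {actor: (calls, distinct_projects)} for every actor whose
    enumeration calls inside some sliding `window` meet both thresholds.

    The reported tuple is the largest (calls, projects) window seen for
    that actor, which is what an analyst wants to see first."""
    by_actor = defaultdict(list)
    for ev in events:
        if ev["action"] in ENUM_ACTIONS:
            by_actor[ev["actor"]].append(ev)

    flagged = {}
    for actor, evs in by_actor.items():
        start = 0
        best = (0, 0)
        for end in range(len(evs)):
            # Advance the window start until it fits within `window`.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            win = evs[start:end + 1]
            projects = {e["project"] for e in win if e["action"] == "env.list"}
            if len(win) >= min_calls and len(projects) >= min_projects:
                best = max(best, (len(win), len(projects)))
        if best != (0, 0):
            flagged[actor] = best
    return flagged


def detect(text=SAMPLE_LOG):
    """Convenience wrapper: parse the log text and return flagged actors."""
    return find_enumeration_bursts(parse_events(text))


if __name__ == "__main__":
    for actor, (calls, projects) in detect().items():
        print(f"{actor}: {calls} enumeration calls across {projects} projects")
```

Against the constructed log this flags only `svc-token-7f3a`, which issued eight enumeration calls covering seven projects in seven seconds, while `alice`'s single `env.list` followed by a deploy stays below the thresholds. The sliding window matters: a real tenant reads its own environment variables all day, so the signal is breadth across projects within a short span, not the call itself. Hooking a finding like this to an automatic token revocation shortens the window the article describes, where the attacker had already finished mapping the account before anyone noticed.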

Earlier security research suggested a Context AI employee may have unknowingly installed infostealer malware after searching for Roblox game cheats online. That’s a remarkably mundane starting point for a breach that now affects a major cloud hosting platform and an unknown number of its customers.

The Compliance Failure Nobody Saw Coming

There’s another uncomfortable detail buried in all of this. TechCrunch reported Thursday that Delve, a compliance startup already facing accusations of faking customer data, was the company that performed security certifications for Context AI.

That raises real questions about the value of those certifications and whether they accurately reflected Context AI’s actual security posture. If the company providing oversight was itself operating dishonestly, the certifications it issued may not have been worth much.

It’s a reminder that security compliance paperwork and actual security are two very different things.

The Full Scope Still Isn’t Clear


Both Vercel and Context AI have signaled that more victims may surface as investigations continue. Neither company has confirmed a final count of affected customers, and the timeline of the prior compromise remains vague.

Vercel declined to specify how many customers the breach now affects or how far back the second compromise dates. A spokesperson confirmed only what was written in the incident update and nothing beyond it.

For Vercel customers, that uncertainty is genuinely uncomfortable. If you’re hosting an app or website on Vercel’s platform, you’re waiting on a company still working to understand the full damage done to its own systems.

The smart move right now is to rotate any API keys, tokens, or credentials associated with your Vercel account. Don’t wait for the company to tell you that you’re affected. Assume the worst, take action, and then verify later.

Breaches that keep growing in scope rarely stop surprising you in a good way.
