TechFlow reports that on April 19, 23pds, Chief Information Security Officer at SlowMist Technology, retweeted a claim indicating that the unauthorized access to Vercel’s internal systems—a cloud hosting platform—may be linked to an internal data leak.
The related tweet states that someone claiming to be “ShinyHunters” on BreachForums is offering to sell what they describe as Vercel’s internal database, access keys, source code, employee accounts, API keys, NPM tokens, and GitHub tokens for $2 million. The data allegedly involves Vercel’s internal Linear system and internal user management system.
Earlier reports indicated that Vercel, the cloud hosting platform, disclosed unauthorized access to its internal systems, affecting a small number of customers.
