Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- McDonald’s discloses data breach after theft of customer, employee info
June 11, 2021
McDonald’s, the largest fast-food chain globally, has disclosed a data breach after hackers breached its systems and stole information belonging to customers and employees from the US, South Korea, and Taiwan. As the world’s global foodservice retailer, McDonald’s serves almost hundreds of millions of customers every day in more than 39,000 locations in over 100 countries, ...
- US truck and military vehicle maker Navistar discloses data breach
June 7, 2021
Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. The company disclosed the attack in an 8-K report filed with the Securities and Exchange Commission (SEC) on Monday. Read more… Source: Bleeping Computer
- Various Japanese government entities had data stolen in cyber attack: Report
May 27, 2021
Data from various Japanese government entities has reportedly been stolen by hackers that gained access to Fujitsu’s ProjectWEB platform. Fujitsu’s software-as-a-service platform has since been taken down and the Japanese tech giant is currently investigating the scope of the attacks, Japan’s public broadcaster NHK said in a report. Among the impacted government entities are the Ministry of ...
- Air India cyber-attack: Data of millions of customers compromised
May 22, 2021
India’s national airline Air India has said a cyber-attack on its data servers affected about 4.5 million customers around the world. The breach was first reported to the company in February. Details including passport and ticket information as well as credit-card data were compromised. But Air India said security details for credit cards – CVV or CVC ...
- Conti ransomware gives HSE Ireland free decryptor, still selling data
May 20, 2021
The Conti ransomware gang has released a free decryptor for Ireland’s health service, the HSE, but warns that they will still sell or release the stolen data. Ireland’s HSE, the country’s publicly funded healthcare system, and the Department of Health were attacked by the Conti ransomware gang last Friday. Read more… Source: Bleeping Computer
- Ireland: ‘Wizard Spider’ cybercrime gang claim Health Service Executive attack
May 18, 2021
Hackers known as Wizard Spider are spinning a web of chaos since it launched a ransomware attack on the Health Service Executive last week. The Russian hackers have claimed responsibility for the most serious ever cyberattack on Ireland’s critical infrastructure. The group, who are seeking ransom of up to €20 million in cryptocurrency, are not motivated by ...