Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Bermuda cyber hack: Offshore law firm data hack leaves super-rich bracing for financial details to be released
October 25, 2017
A leading offshore law firm with clients including the super-rich and international corporations has revealed it suffered a “data security incident” that may result in customers’ private information being leaked. Bermuda-based Appleby, which has offices in a number of British overseas territories, said some of its data had been “compromised” in the 2016 cyber incident. The firm ...
- Data breach hits 30m South Africans
October 18, 2017
The personal information of about 30 million South Africans has been compromised. This was revealed by Australian-based IT security researcher Troy Hunt. He created the Have I been pwned? platform as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach. Following the ...
- More data lost or stolen in first half of 2017 than the whole of last year
September 20, 2017
More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...
- Equifax hack: Britons among 143 million people to have their details compromised
September 8, 2017
Credit agency Equifax has admitted that data from 143 million customers may have been compromised in a security breach earlier this year. US, UK and Canadian residents are among those to have their details accessed through a website application vulnerability. The attack was discovered to have run from mid-May until 29 July, but the US company has ...
- Medicare data leaks, but who was breached?
July 4, 2017
Medicare numbers in Australia became a lot less useful as a proof-of-identity, with the Australian Federal Police investigating how an unknown number of records ended up for sale on a Tor site. The report first surfaced via The Guardian’s Australian site, with journalist Paul Farrell reporting he purchased his own record for around AU$30 on the ...
- Banks to be forced to reveal all cyber security breaches to the European Central Bank
June 19, 2017
All banks regulated by the European Central Bank (ECB) will be forced to reveal all major cyber security breaches, according to one of the supervisor’s bosses. Starting this summer, banks directly supervised by the ECB will have to “report all significant cyber incidents”, said Sabine Lautenschlaeger, a member of the ECB’s executive board. At a speech in ...