Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Patriot Mobile Suffers Data Breach Impacting Subscriber’s Personal Data
May 21, 2024
U.S. mobile service provider Patriot Mobile fell victim to a security incident resulting in the leak of subscriber details including names, email addresses, zip codes, and account PINs, as reported by TechCrunch. The operator, Patriot Mobile, which boasts itself as a “Christian conservative wireless provider” with an estimated customer base under 100,000, has been seen endorsing ...
- Western Sydney University staff, students caught in cyber attack
May 21, 2024
About 7500 staff and students have been caught up in a massive cyber attack at Western Sydney University. Police are investigating the breach, which the university says dates as far back as May 2023, when an unauthorised party got into the Microsoft Office system and accessed email accounts and SharePoint files. WSU says they have not ...
- Medusa announced attack on John R. Wood Christie’s International Real Estate group
May 20, 2024
No patron information was compromised in a recent ransomware attack against John R. Wood Christie’s International Real Estate by a cyber gang known as Medusa, according to the company. Medusa announced the attack on its site, claiming it had stolen more than 1 terabyte of Wood data. The gang demanded $2 million from the real estate ...
- Healthcare company WebTPA discloses breach affecting 2.5 million people
May 17, 2024
A Texas-based company that provides health insurance and benefit plans disclosed a data breach affecting almost 2.5 million people, some of whom had their Social Security number stolen. WebTPA said in a data breach notice published earlier this month that the company detected “evidence of suspicious activity” on December 28, 2023, which prompted the company to ...
- Another cyber-attack on Australian healthcare company
May 16, 2024
here’s been another large-scale ransomware data breach of an Australian company…this time at an e-script provider named Medi-Secure. Medi-Secure is a prescription exchange service, which offers electronic prescribing and dispensing of prescriptions. It’s not yet known how many data records have been accessed, but experts warn that many Australians might not even know their details were ...
- Santander hit by data breach affecting customers and staff
May 14, 2024
Spanish bank Santander has said data managed by an external party was recently accessed without permission, affecting some of its clients and all of its current staff. “We recently became aware of an unauthorized access to a Santander database hosted by a third-party provider,” the bank said in a statement on Tuesday. Read more… Source: MSN News Sign up ...