Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Air Europa says customer data may have been compromised in October breach
March 22, 2024
Spanish airline Air Europa said on Friday personal data of its customers may have been compromised in a security incident that was detected in October last year. The company’s investigation showed that name, ID card or passport details, date of birth, telephone number, email address and nationality details could have been leaked, Air Europa told its ...
- China’s MSS publicizes typical case to remind public of overseas cyber ransom attacks
March 21, 2024
China’s national security authorities publicized on Thursday a typical case of cyber ransom attacks to help raise public awareness over online blackmail and attacks from overseas, which not only affects social stability and economic development but also threatens China’s national security and interests. A Chinese high-tech company recently filed a report through the hotline 12339 about ...
- The ‘AT&T breach’ – what you need to know
March 20, 2024
Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for ...
- British authorities investigating the Princess of Wales medical records breach
March 20, 2024
British authorities said Wednesday they are investigating a possible breach of the medical records of Catherine, Princess of Wales. The Information Commissioners Office said the inquiries follow a “breach report” it had received. “We can confirm that we have received a breach report and are assessing the information provided,” it said. Read more… Source: Yahoo News
- New Zealand: Hackers email Mediaworks data breach victims demanding NZ$820
March 18, 2024
Hackers connected to a MediaWorks data breach are demanding a ransom of US$500 (NZ$820) in cryptocurrency from one of the victims of the data leakage. MediaWorks has confirmed a database containing information from individuals who entered its online competitions has been breached. It follows a post on an internet forum on Thursday, which claimed to have ...
- Tech giant Fujitsu says it was hacked, warns of data breach
March 18, 2024
Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information. “We confirmed the presence of malware on multiple work computers at our company, and as a result of an internal investigation, we discovered that files containing personal information and customer information could be ...