Vercel Reveals Customer Accounts Were Hacked Before April Breach
Hosting giant Vercel confirms attackers compromised customer accounts before its early-April security incident was even discovered.
Vercel dropped an uncomfortable update on Thursday: hackers had already infiltrated some customer accounts before the company even caught its early-April breach. The web hosting and app deployment giant says the pre-breach compromises likely happened through social engineering, malware, or other attack vectors.
That's a rough timeline. It means attackers were already inside customer environments before Vercel's own security incident kicked off — suggesting a broader, more coordinated campaign than initially understood.
The company hasn't disclosed exactly how many accounts were affected or the full scope of data accessed. What we do know is that the compromises preceded the main breach, raising serious questions about how long threat actors had access and what they did with it.
Vercel hosts infrastructure for some of the web's biggest properties. Any breach ripples far beyond its own walls.