
Vercel April 2026 Security Incident: What Happened, What Was Breached, What To Do

A ShinyHunters-branded BreachForums listing is selling claimed Vercel source code, database access, and employee tokens for $2M USD. Vercel has since traced the incident to a compromised third-party AI tool's Google Workspace OAuth app. Here are the facts, the IOCs, and what to do today.


Living post

The investigation is still ongoing. I'll update this post as Vercel releases more details, the attribution becomes clearer, or any downstream compromise is confirmed. Subscribe to the newsletter if you want updates in your inbox.

1. What Happened

On April 19, 2026 at 02:02 AM, a thread titled "Vercel Database Access Key & Source Code" was posted on BreachForums by an account with the ShinyHunters name and an Administrator badge. The thread was marked VERIFIED by forum staff. The poster claimed to be selling access to Vercel's source code, database, and internal credentials for $2M USD, with contact via XMPP, Telegram, or Tutamail and a middleman required.

The BreachForums thread as it appeared on April 19, 2026. Poster account shows 48 posts, 42 threads, joined May 2023, reputation 1,905.

Vercel has since published an official security bulletin confirming the incident and beginning an investigation:

Vercel April 2026 Security Incident (vercel.com): Vercel's official bulletin on the April 2026 security incident. Includes the root cause (a compromised third-party AI tool's Google Workspace OAuth app), indicators of compromise, and recommended actions for customers.

About ShinyHunters

ShinyHunters is a threat actor group (or, at this point, a brand) active since 2020, originally named after the rare Pokémon variant. Per Wikipedia and open-source threat reporting, the group has been linked to:

  • Snowflake customer breach campaign (2024): over 165 customer environments affected, including Ticketmaster (560M records), AT&T (110M records), and Santander (30M records).
  • PowerSchool breach (2024): US and Canadian K-12 student and teacher records.
  • Salesforce data theft campaign (2025): a voice-phishing wave against Salesforce customers that reportedly affected Google, Cisco, Adidas, Louis Vuitton, Qantas, Allianz Life, and others.
  • Rockstar Games (April 2026): a breach claim posted shortly before the Vercel listing.

Important caveat on attribution: the "ShinyHunters" label has been used by multiple overlapping actors over the years and is often worn by copycats. Several people on X have reported that the real ShinyHunters operators are denying involvement and say someone else is using their name. Nothing has been independently verified yet. Vercel's own bulletin does not attribute the incident to any named group, and no third-party security firm has confirmed the identity of the seller as of writing.

2. What Was Breached

The BreachForums listing, also circulated on X by @shiri_shh, describes the following items for sale:

  • Source code from Vercel.
  • Database access to what the poster describes as Vercel's internal user member system. Fields shown in the listing: id, name, displayName, email, active, admin, guest, timezone, createdAt, updatedAt, lastSeen.
  • API keys, described by the poster as including some NPM tokens and some GitHub tokens.
  • Multiple employee accounts with access to several internal deployments.
  • Linear screenshots (Vercel's project management tool), used as the primary proof of access in the listing itself.

The full listing text, including the database schema shown as proof and the $2M USD price with XMPP, Telegram, and Tutamail contact options.
@shiri_shh's post on X surfacing the listing, with a reply from @vercel confirming the incident.

The poster framed the listing as a potential supply chain attack, citing Next.js' ~6 million weekly npm downloads. Outside of the user-system schema and the Linear screenshots, no public sample of source code or tokens has been published at the time of writing. Everything beyond that is the seller's claim, not independently verified.

3. Vercel's Findings

Per Vercel's April 2026 security bulletin, their investigation to date has produced this conclusion:

"Our investigation has revealed that the incident originated from a third-party AI tool with hundreds of users whose Google Workspace OAuth app was compromised."

In other words, the entry point was not Vercel's core infrastructure. It was a third-party AI product that Vercel employees (and hundreds of others) had authorized as a Google Workspace OAuth application. When that third-party app was compromised, the attacker gained whatever scopes that OAuth grant provided across every tenant using it.

Vercel has published an indicator of compromise (IOC) in the bulletin to help the broader community identify the same OAuth app in their own environments. If you use Google Workspace, review that IOC against your authorized apps now. Vercel's guidance:

"We recommend that Google Workspace Administrators and Google Account owners check for usage of this app immediately."

OAuth App (IOC)

110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com

In the Google Workspace Admin console, go to Security > API controls > App access control, search for this client ID, and revoke the app's access if it is present.
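The same check can be run offline against an export of your tenant's OAuth grants. The script below is an added example, not code from Vercel's bulletin or from this post's author: it matches the IOC client ID and goes one step further by flagging any grant holding broad scopes. The export file is hypothetical, its field names are modelled on the Admin SDK Directory API tokens resource (userKey values are shown as e-mail addresses for readability), and the list of "broad" scopes is an assumption to tune to your own policy.

```python
import json

# IOC client ID as published in Vercel's bulletin and quoted on this page.
IOC_CLIENT_ID = "110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com"

# Assumption: scopes treated as broad for triage; tune to your own policy.
BROAD_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/admin.directory.user",
    "https://www.googleapis.com/auth/cloud-platform",
}

# Constructed sample export, one record per user/app grant. Users, app names
# and the non-IOC client IDs are made up.
SAMPLE_EXPORT = json.dumps([
    {"userKey": "alice@example.com", "clientId": IOC_CLIENT_ID,
     "displayText": "Constructed AI Tool",
     "scopes": ["https://www.googleapis.com/auth/drive", "openid"]},
    {"userKey": "bob@example.com", "clientId": "constructed-1.apps.googleusercontent.com",
     "displayText": "Constructed Calendar Sync",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"userKey": "carol@example.com", "clientId": "constructed-2.apps.googleusercontent.com",
     "displayText": "Constructed Mail Assistant",
     "scopes": ["https://mail.google.com/", "openid"]},
    {"userKey": "dave@example.com", "clientId": " " + IOC_CLIENT_ID.upper(),
     "displayText": "Constructed AI Tool", "scopes": ["openid"]},
])

def audit_grants(export_json, ioc_client_id=IOC_CLIENT_ID):
    """Return grants that match the IOC or hold broad scopes, IOC matches first."""
    findings = []
    for grant in json.loads(export_json):
        # Normalise: exports and copy/paste can add whitespace or change case.
        client_id = grant.get("clientId", "").strip().lower()
        is_ioc = client_id == ioc_client_id.lower()
        broad = sorted(set(grant.get("scopes", [])) & BROAD_SCOPES)
        if is_ioc or broad:
            findings.append({"user": grant.get("userKey"), "app": grant.get("displayText"),
                             "client_id": client_id, "ioc": is_ioc, "broad_scopes": broad})
    return sorted(findings, key=lambda f: (not f["ioc"], f["user"] or ""))

def users_to_revoke(findings):
    """Users whose grant to the IOC app should be revoked and reviewed."""
    return sorted({f["user"] for f in findings if f["ioc"]})

if __name__ == "__main__":
    print(users_to_revoke(audit_grants(SAMPLE_EXPORT)))
```

A grant to the IOC app is reported even when its scopes look narrow, since the bulletin does not yet say which scopes the tool held.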

Vercel's bulletin does not yet enumerate exactly which systems, employees, or data stores were accessed via the compromised OAuth grant, or what the AI tool's scopes were. Those details are expected in a follow-up post.

4. Recommendations

Vercel's own recommendations, quoted from the bulletin:


  • Review the activity log for your account and environments for suspicious activity.
  • Review and rotate environment variables and take advantage of the sensitive environment variables feature.
  • For support rotating your secrets or other technical support, contact Vercel through vercel.com/help.
  • Google Workspace admins and Google Account owners should check for usage of the flagged OAuth app and remove it.

Beyond Vercel's own guidance, there are a few common-sense follow-ups worth doing this week:

  • Audit your own Google Workspace OAuth grants. Admin console > Security > API controls > App access control. Revoke any AI tool whose scopes look broader than its feature set needs.
  • Rotate Vercel personal access tokens. Account Settings > Tokens.
  • Rotate any GitHub PAT and NPM automation token that was ever wired into a Vercel integration or Vercel-hosted CI.
  • Pin Next.js to an exact version for the next few weeks and watch for unexpected releases of next, turbo, or any @vercel/* package. This is precautionary, not a confirmed threat.
  • Enforce 2FA on your Vercel team if you haven't already.
  • Review deploy history for the last 7 days. Anything you don't recognize should be treated as suspect until verified.
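For the pinning item above, a check like the following can run in CI. It is an added example, not part of Vercel's guidance or the original post: it flags next, turbo, and @vercel/* entries in package.json that are not exact versions, and reports where package-lock.json differs from a baseline of versions you have reviewed. The sample manifest, lockfile, baseline, and all version numbers are constructed.

```python
import json
import re

# Packages named in the recommendation above: next, turbo, and any @vercel/* package.
WATCHED = re.compile(r"^(next|turbo|@vercel/.+)$")
# Exact semver only: no ^, ~, ranges, wildcards or dist-tags such as "latest".
EXACT = re.compile(r"^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")

# Constructed manifest and lockfile (package-lock v3 layout); versions are made up.
SAMPLE_PACKAGE_JSON = """{
  "dependencies": {"next": "^1.2.3", "react": "9.9.9", "@vercel/analytics": "7.8.9"},
  "devDependencies": {"turbo": "latest"}
}"""
SAMPLE_LOCK = """{"lockfileVersion": 3, "packages": {
  "": {"name": "demo-app"},
  "node_modules/next": {"version": "1.2.4"},
  "node_modules/turbo": {"version": "4.5.6"},
  "node_modules/@vercel/analytics": {"version": "7.8.9"},
  "node_modules/react": {"version": "9.9.9"}
}}"""
# Constructed baseline: the versions your team last reviewed and approved.
SAMPLE_BASELINE = {"next": "1.2.3", "turbo": "4.5.6"}

def unpinned_watched(package_json_text):
    """Return (section, name, spec) for watched packages not pinned exactly."""
    manifest = json.loads(package_json_text)
    issues = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in manifest.get(section, {}).items():
            if WATCHED.match(name) and not EXACT.match(spec.strip()):
                issues.append((section, name, spec))
    return sorted(issues)

def lock_drift(lock_text, baseline):
    """Return (name, approved, locked) where the lockfile differs from the baseline."""
    drift = []
    for path, meta in json.loads(lock_text).get("packages", {}).items():
        name = path.rsplit("node_modules/", 1)[-1]  # also handles nested copies
        locked = meta.get("version")
        if WATCHED.match(name) and baseline.get(name) != locked:
            drift.append((name, baseline.get(name), locked))
    return sorted(drift, key=lambda d: d[0])

if __name__ == "__main__":
    print(unpinned_watched(SAMPLE_PACKAGE_JSON))
    print(lock_drift(SAMPLE_LOCK, SAMPLE_BASELINE))
```

Exact specifiers in package.json cover only direct dependencies; the lockfile comparison covers what `npm ci` actually installs, and a watched package with no baseline entry is reported with an approved version of None.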

This post will be updated as more information is released. For now, hope everyone stays safe. Rotate your API keys, and if you're a Google Workspace admin, check for usage of the OAuth app in Vercel's IOC and remove it.


Written by Benjamin Loh, curator of Tech Upkeep