// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
Breach Record

Vercel

DISCLOSED 2026-04-19 · STOLEN CREDS · RANSOMWARE

Vercel disclosed a breach on April 19, 2026, caused by a compromised OAuth token. The threat actor ShinyHunters demanded a $2 million ransom. The incident is described as a significant supply chain attack.

The record

What we know

Disclosed
2026-04-19
Attack vector
Stolen Creds
Sector
technology
Country
Sweden
RANSOMWARE
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Vercel disclosure. It updates if new public reporting emerges. All tracked breaches →

Vercel just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →