PANews reported on April 19th that, according to a post by community user Ryan on the X platform, a user claiming to be affiliated with ShinyHunters on the hacker forum BreachForums posted that they were selling Vercel's internal database, access keys, and source code for approximately $2 million (starting bid of $500,000 in BTC). The post claimed the data contained sensitive information such as employee account permissions, API keys, NPM and GitHub tokens, and implied it could be used for "supply chain attacks." Related screenshots appear to be from Vercel's internal systems (including Linear and user management panels), showing fields such as user ID, email, and administrator privileges.

Vercel has reportedly contacted the poster via Telegram requesting a halt to contact with employees, indicating direct communication between the two parties. Meanwhile, Vercel has officially confirmed that "some of its internal systems were accessed without authorization," stating that it has initiated an incident response, notified law enforcement agencies, and is communicating with affected customers.

Vercel emphasized that only a small number of customers are currently affected, the platform service is still operating normally, and advised users to check their environment variable configurations and enable sensitive variable protection.