Vercel Got Hacked Because an Employee Used an AI Tool. The Data Is For Sale for $2 Million.
The attack chain: Roblox cheat downloads infostealer, steals tokens from Context.AI employee, pivots through OAuth to Vercel systems. Now the database is on BreachForums.
The AI Post newsroom — delivering AI news at the speed of intelligence.
This might be the most embarrassing corporate hack of 2026. Vercel's entire database is now for sale on BreachForums for $2 million because someone at an AI startup downloaded a Roblox cheat.
Here's the attack chain that should terrify every company using AI tools: In February, a Context.AI employee downloaded what they thought was a Roblox cheat script. It was actually a trojanized Lumma infostealer that harvested their browser tokens and uploaded them to a resale market.
The attacker bought those stolen tokens and used them to access Context.AI's systems. But here's where it gets worse: a Vercel employee had granted Context.AI Google Workspace OAuth access. The attacker pivoted through that OAuth connection straight into that Vercel employee's Google Workspace.
From there, they accessed internal dashboards, employee records, API keys, NPM tokens, and GitHub tokens. Vercel announced the breach on April 19. Context.AI's beta URL went dark the next day. And now Vercel's database is listed on BreachForums with a $2 million price tag.
This is the first major "AI supply chain" breach, and the blast radius is catastrophic precisely because it started so small. One employee at one AI startup downloads one game cheat, and suddenly Vercel's entire infrastructure is compromised.
The OAuth pivot is the real nightmare here. Modern companies hand out Google Workspace access to AI tools like candy. No governance, no monitoring, no revocation policies. Just "here, connect to everything." Context.AI was probably some beta AI writing tool that someone thought would help with docs.
Every company using AI tools with workspace access should be auditing their OAuth grants right now. Because this attack pattern is going to repeat. The initial vector was almost comically mundane: a Roblox cheat. But the connection web was so tangled that one employee's gaming habit became a multi-million-dollar data breach.
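A starting point for that audit, as an added example that is not from the original article or from any vendor named in it: it groups third-party grants by app and flags those holding broad scopes. It assumes the grants have already been exported in the shape of the Admin SDK Directory API `tokens.list` items (`clientId`, `displayText`, `userKey`, `scopes`); the sample data, app names and the choice of which scopes count as broad are constructed for illustration.

```python
import json

# Scopes treated as broad for this example (an assumption; set your own policy).
BROAD_SCOPES = {
    "https://mail.google.com/": "full Gmail access",
    "https://www.googleapis.com/auth/drive": "full Drive access",
    "https://www.googleapis.com/auth/drive.readonly": "read every Drive file",
    "https://www.googleapis.com/auth/admin.directory.user": "manage directory users",
}

# Constructed sample shaped like the "items" of a Directory API tokens.list
# response, already merged across users. All IDs and app names are made up.
SAMPLE_ITEMS = json.loads("""[
 {"clientId": "111.apps.example", "displayText": "AI Notes (beta)", "userKey": "u1",
  "scopes": ["openid", "https://mail.google.com/", "https://www.googleapis.com/auth/drive"]},
 {"clientId": "111.apps.example", "displayText": "AI Notes (beta)", "userKey": "u2",
  "scopes": ["https://www.googleapis.com/auth/drive.readonly"]},
 {"clientId": "222.apps.example", "displayText": "Calendar Widget", "userKey": "u1",
  "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
 {"clientId": "333.apps.example", "displayText": "Approved Backup", "userKey": "u3",
  "scopes": ["https://www.googleapis.com/auth/drive"]}
]""")


def audit_grants(items, approved_clients=frozenset()):
    """Group third-party grants by app and return those holding broad scopes.

    Apps in approved_clients (reviewed and accepted) are skipped. The result is
    sorted so the app with the most affected users comes first.
    """
    findings = {}
    for item in items:
        client = item["clientId"]
        broad = {s for s in item.get("scopes", []) if s in BROAD_SCOPES}
        if client in approved_clients or not broad:
            continue
        entry = findings.setdefault(
            client, {"app": item.get("displayText", "unknown"), "users": set(), "scopes": set()})
        entry["users"].add(item["userKey"])
        entry["scopes"] |= broad
    return sorted(findings.items(), key=lambda kv: (-len(kv[1]["users"]), kv[0]))


if __name__ == "__main__":
    for client, f in audit_grants(SAMPLE_ITEMS, approved_clients={"333.apps.example"}):
        print(f"{f['app']} ({client}): {len(f['users'])} user(s)")
        for scope in sorted(f["scopes"]):
            print(f"  {scope} -> {BROAD_SCOPES[scope]}")
```

Anything the function returns is a candidate for review and revocation; apps that pass review go into `approved_clients` so later runs only surface new grants.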
This is the SolarWinds of the AI era, except instead of sophisticated nation-state actors, it started with someone trying to cheat at Roblox. Which somehow makes it worse.