Today — April 19, 2026 — Vercel disclosed a security incident involving unauthorized access to its internal systems. The breach has been linked to the ShinyHunters group, a threat actor known for targeting SaaS platforms via social engineering and vulnerability exploitation. Vercel says a „limited subset of customers“ was impacted and recommends reviewing environment variables — particularly urging use of their Sensitive Environment Variable feature.
If you’re a platform engineer running production workloads on Vercel, this is your signal to act. Not tomorrow. Now.
But this post isn’t just about Vercel. It’s about what every platform team should do when the infrastructure they trust gets compromised — because this has happened before, and it will happen again.
We’ve Been Here Before
The Vercel breach follows a pattern that platform teams should recognize by now:
- CircleCI (January 2023) — An engineer’s laptop was compromised, giving attackers access to customer environment variables, tokens, and keys. CircleCI’s guidance was unambiguous: rotate every secret, immediately. Teams that delayed paid the price.
- Codecov (April 2021) — Attackers modified Codecov’s Bash Uploader script, exfiltrating environment variables from CI pipelines for two months before detection. Thousands of repositories had their credentials silently harvested.
- Travis CI (September 2021) — A vulnerability exposed secrets from public repositories, including signing keys and access tokens. The scope was enormous because the trust boundary had been quietly violated for years.
The common thread: environment variables are the crown jewels, and PaaS providers are the vault. When the vault gets cracked, every secret inside is potentially compromised.
The Shared Responsibility Blind Spot
Most teams understand the shared responsibility model for IaaS — you secure your workloads, AWS secures the hypervisor. But with PaaS providers like Vercel, Netlify, or Railway, the trust boundary is far murkier.
Consider what Vercel has access to in a typical deployment:
- Your source code (pulled from Git during builds)
- Every environment variable you’ve configured — database URLs, API keys, signing secrets
- Build-time and runtime secrets
- Deployment metadata and audit logs
- DNS configuration and SSL certificates
When Vercel’s internal systems are breached, all of these become part of the blast radius. You didn’t misconfigure anything. You didn’t leak a credential. Your provider’s security posture became your security posture.
This is the platform trust boundary problem: the more convenience your PaaS offers, the more implicit trust you’ve delegated.
Immediate Response: The First 24 Hours
If you’re running on Vercel right now, here’s the checklist. Don’t wait for their investigation to conclude — assume the worst and work backward.
1. Audit Your Environment Variables
Vercel’s own advisory specifically calls out environment variables. Start here:
# List all Vercel projects and their env varsvercel env ls --environment productionvercel env ls --environment previewvercel env ls --environment development
Or use the consolidated environment variables page Vercel provides. Document every secret. You need to know what’s potentially exposed before you can rotate.
2. Rotate Every Secret — No Exceptions
This is the lesson from CircleCI: partial rotation is no rotation. If a secret was accessible to your PaaS provider, treat it as compromised.
- Database credentials (connection strings, passwords)
- API keys (Stripe, Twilio, SendGrid, any third-party service)
- OAuth client secrets
- JWT signing keys
- Webhook secrets
- Encryption keys
Prioritize by blast radius: payment processing keys and database credentials first, monitoring API keys last.
3. Review Deployment History
Check for unauthorized deployments or unexpected build activity:
# Review recent deployments via Vercel CLIvercel ls --limit 50# Check for deployments from unexpected branches or commitsvercel inspect <deployment-url>
Look for deployments that don’t correlate with your Git history. An attacker with access to Vercel’s internals could potentially trigger builds with modified environment variables or injected build steps.
4. Revoke and Regenerate Tokens
Beyond environment variables, rotate all integration tokens:
- Vercel API tokens (personal and team)
- Git integration tokens (GitHub/GitLab app installations)
- Any webhook endpoints that use shared secrets for verification
- CI/CD integration tokens that connect to Vercel
5. Check Downstream Systems
If your database credentials were in Vercel env vars, check your database audit logs for unusual access patterns. If your AWS keys were stored there, review CloudTrail. Every secret that was in Vercel is a thread to pull.
Stop Storing Secrets in Environment Variables
The deeper lesson here is architectural. Environment variables are the de facto standard for passing configuration to applications — but they were never designed as a secrets management system. They’re plaintext, they get logged, they get copied into build caches, and they’re only as secure as the system storing them.
External Secrets Operator
If you’re running Kubernetes workloads (even alongside a PaaS), the External Secrets Operator lets you reference secrets from external stores without ever putting them in your deployment platform:
apiVersion: external-secrets.io/v1beta1kind: ExternalSecretmetadata:name: database-credentialsspec:refreshInterval: 1hsecretStoreRef:name: vault-backendkind: ClusterSecretStoretarget:name: db-credsdata:- secretKey: passwordremoteRef:key: secret/data/production/databaseproperty: password
The secret lives in Vault or AWS Secrets Manager. Your PaaS never sees it. If the PaaS is breached, the secret isn’t in the blast radius.
HashiCorp Vault with Dynamic Secrets
Even better: don’t store long-lived credentials at all. Vault’s dynamic secrets generate short-lived database credentials on demand:
# Application requests temporary database credentials at startupvault read database/creds/my-role# Returns credentials valid for 1 hour# Automatically revoked after TTL expires
When your PaaS is breached, there’s nothing useful to steal — the credentials expired hours ago.
CI/CD Credential Hygiene: Kill the Static Tokens
Static API keys and long-lived tokens are the gift that keeps giving — to attackers. Every major PaaS breach has involved harvesting static credentials. The fix is structural.
OIDC Federation: Identity Without Secrets
Instead of storing cloud provider credentials in your CI/CD platform, use OIDC federation. Your pipeline proves its identity to the cloud provider directly, receiving short-lived tokens that can’t be stolen from the PaaS:
# GitHub Actions example — no AWS keys stored anywhere- uses: aws-actions/configure-aws-credentials@v4with:role-to-assume: arn:aws:iam::123456789:role/deploy-roleaws-region: eu-central-1# No access-key-id or secret-access-key needed# GitHub's OIDC token proves the workflow's identity
All major cloud providers support OIDC federation from GitHub Actions, GitLab CI, and most CI/CD platforms. There is no good reason to store static cloud credentials in your PaaS in 2026.
Workload Identity and SPIFFE7.
For more complex deployments, SPIFFE (Secure Production Identity Framework for Everyone) and its reference implementation SPIRE provide cryptographic identity attestation for workloads. Every workload gets a verifiable identity (SVID) without static credentials, and identity is attested based on the workload’s environment — not a secret that can be exfiltrated.
This is zero-trust for deployment pipelines: trust is established through verifiable identity, not shared secrets.
SBOM and Provenance: Know What You Shipped
When your build platform is compromised, one critical question emerges: can you prove that what’s running in production is what you intended to ship?
Build provenance — cryptographic attestations that link a deployed artifact to its source code, build parameters, and builder identity — becomes essential during incident response:
# Verify build provenance with cosigncosign verify-attestation \--type slsaprovenance \--certificate-identity builder@your-org.iam.gserviceaccount.com \--certificate-oidc-issuer https://accounts.google.com \ghcr.io/your-org/your-app:latest
If you maintain SBOMs (Software Bills of Materials) and SLSA provenance attestations, you can forensically verify whether a compromised build platform injected anything into your artifacts. Without them, you’re flying blind.
Long-Term: Multi-Provider Resilience
The uncomfortable truth is that every PaaS provider will eventually have a security incident. The question isn’t if — it’s whether your architecture limits the blast radius when it happens.
Reduce Single Points of Trust
- Secrets in an external vault, not in the PaaS — Vault, AWS Secrets Manager, Azure Key Vault
- Build artifacts signed independently — don’t rely on the build platform’s integrity alone
- DNS and TLS managed separately — if your PaaS controls your DNS, a breach can redirect traffic
- Audit logs forwarded in real-time — ship PaaS audit logs to your own SIEM before the provider can tamper with them
Portable Deployments
If your deployment is tightly coupled to a single PaaS, you can’t move quickly during an incident. Containerized workloads with Infrastructure-as-Code configuration give you the option to shift to another platform within hours, not weeks. You don’t need to be multi-cloud on day one — but you need the capability to move when the trust relationship breaks.
The Incident Response Checklist
Pin this somewhere visible. When your next PaaS breach notification lands in your inbox:
| Timeframe | Action |
|---|---|
| 0-1 hours | Inventory all secrets stored in the provider. Begin rotating critical credentials (database, payment, auth). |
| 1-4 hours | Revoke all API tokens and integration credentials. Review deployment history for anomalies. |
| 4-12 hours | Complete rotation of all remaining secrets. Check downstream system audit logs. Verify build artifact integrity. |
| 12-24 hours | Confirm no unauthorized deployments occurred. Brief stakeholders. Document timeline. |
| 1-7 days | Conduct full post-incident review. Implement architectural improvements (external secrets, OIDC federation). Update runbooks. |
Trust, but Architect for Betrayal
The Vercel breach is a reminder that platform trust is borrowed, not owned. Every convenience a PaaS provides — environment variable storage, built-in secrets, managed DNS — is a trust delegation that becomes a liability during a breach.
The platforms you depend on will get compromised. The question is whether you’ve architected your systems so that a provider breach is a inconvenience you handle in hours — or a catastrophe that takes weeks to untangle.
Start rotating your secrets now. Then start building the architecture that means you won’t have to do it so urgently next time.