Comment by ivansenic
9 hours ago
There are 3 main questions here:
1) Vercel rolled out sensitive secrets on February 1, 2024, so why were all existing env vars not transitioned to the sensitive type? Why was there any assumption that a secret added as an env var before that date was still OK to be left as "non-sensitive"?
2) How was the Google Workspace account actually compromised? If context.ai was the originating issue, what actually led to the takeover? Were there too many access privileges given to the Google Workspace token context.ai had, or was there actually a workstation takeover here?
3) And finally, why the heck did a compromised Google Workspace account lead to someone having access to a bunch of customer projects? Where is the connection? I don't get this.
I can't comment about 1, but my read of 2 and 3 is that the chain was something like this:
1. One or more Vercel employees - likely engineers - grant OAuth access to context.ai. They presumably did this for office-suite style features, but the OAuth request included a GCP grant for some reason, maybe laziness on context.ai's part or planned future features? Either way, Google's OAuth flow has little differentiation between "office suite" scopes and "cloud platform" scopes, so this may not have been particularly obvious to those at Vercel.
2. context.ai's AWS account was compromised (unspecified how), and the Google OAuth tokens they had for customer accounts, including those for at least one Vercel employee, were taken.
3. Those OAuth token(s) were used to authenticate to the GCP APIs as those Vercel employees, then allowing access to Vercel's DBs, and therefore access to customer data and secrets
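Added example, not from the thread or from any of the parties discussed: the point in step 1 is that a consent prompt can mix office-suite scopes with cloud-platform scopes, so a defender who reviews (or gates) third-party OAuth grants wants to see the requested scopes separated by blast radius. The scope names are real Google scopes; the office-vs-cloud grouping, the `review_consent_request` helper and the sample authorize URL are this example's own assumptions.

```python
"""Audit the scopes an OAuth consent request asks for and flag cloud-platform grants."""
from urllib.parse import parse_qs, urlparse

GOOGLE_AUTH = "https://www.googleapis.com/auth/"

# Grouping assumed for this example: scopes an office-suite add-on plausibly
# needs, versus scopes that reach Google Cloud Platform resources. Anything
# outside both sets is reported as "unknown" rather than silently approved.
OFFICE_SUITE_SCOPES = frozenset({
    "openid", "email", "profile",
    GOOGLE_AUTH + "calendar",
    GOOGLE_AUTH + "calendar.readonly",
    GOOGLE_AUTH + "drive.readonly",
    GOOGLE_AUTH + "gmail.readonly",
    GOOGLE_AUTH + "contacts.readonly",
})
CLOUD_PLATFORM_SCOPES = frozenset({
    GOOGLE_AUTH + "cloud-platform",
    GOOGLE_AUTH + "cloud-platform.read-only",
    GOOGLE_AUTH + "compute",
    GOOGLE_AUTH + "devstorage.read_write",
    GOOGLE_AUTH + "devstorage.full_control",
    GOOGLE_AUTH + "sqlservice.admin",
})


def scopes_from_authorize_url(url: str) -> list[str]:
    """Return the space-separated scopes requested in a Google authorize URL."""
    query = parse_qs(urlparse(url).query)
    raw = query.get("scope", [""])[0]
    return [s for s in raw.split() if s]


def classify_scopes(scopes) -> dict[str, list[str]]:
    """Bucket each requested scope as office-suite, cloud-platform or unknown."""
    buckets: dict[str, list[str]] = {"office": [], "cloud": [], "unknown": []}
    for scope in scopes:
        if scope in CLOUD_PLATFORM_SCOPES:
            buckets["cloud"].append(scope)
        elif scope in OFFICE_SUITE_SCOPES:
            buckets["office"].append(scope)
        else:
            buckets["unknown"].append(scope)
    return buckets


def review_consent_request(url: str) -> dict:
    """Hypothetical admin-side gate: approve only if no cloud or unknown scopes."""
    result = classify_scopes(scopes_from_authorize_url(url))
    result["approve"] = not result["cloud"] and not result["unknown"]
    return result


# Constructed sample: a consent URL that asks for calendar access *and* full
# cloud-platform access in the same prompt.
SAMPLE_REQUEST = (
    "https://accounts.google.com/o/oauth2/v2/auth"
    "?client_id=example-app&response_type=code"
    "&redirect_uri=https%3A%2F%2Fapp.example%2Fcb"
    "&scope=openid%20email"
    "%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar"
    "%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform"
)

if __name__ == "__main__":
    for bucket, scopes in review_consent_request(SAMPLE_REQUEST).items():
        print(f"{bucket}: {scopes}")
```

Run against the sample URL, the calendar scope lands in the office bucket, the cloud-platform scope is flagged on its own, and the request is not approved. Scopes the grouping does not know about are also withheld from approval, so a new or renamed scope does not slip through as harmless.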
Taking this at face value: https://www.infostealers.com/article/breaking-vercel-breach-...
Tl;dr - insufficient endpoint protection and activity detection at Context.ai (big surprise!) + insufficient privileged account isolation at Vercel
Regarding 1, from another comment it seems NeonDB env vars are not sensitive by default.
https://news.ycombinator.com/item?id=47832692