If You've Deployed on Vercel, Rotate Your Keys Right Now — Here's the Step-by-Step Guide

If You Have Deployed Anything on Vercel, You Should Probably Rotate Your Keys Right Now

The fixes are not complicated. This is not a catastrophic breach that requires weeks of remediation. But it does require action — specific, concrete action that many developers will be tempted to defer because it feels inconvenient and because the immediate visible impact of doing nothing is zero.

The immediate visible impact of a compromised API key is also zero. Right up until it is not.

Here is what happened, who it affects, and what you need to do about it in order of priority.

---

What Actually Happened — Plain English

This was not a direct attack on Vercel's infrastructure. Vercel's core systems were not compromised. The breach occurred through a chain of trust that is worth understanding because the same attack pattern can and does happen through any third-party tool you connect to any platform.

The attack chain worked like this:

Step 1: A third-party analytics tool called Context.ai was compromised. Attackers gained access to Context.ai's systems.

Step 2: Context.ai had an OAuth integration with Vercel. This is the kind of "Connect with Vercel" authorization that many developer tools offer. When a Vercel employee had authorized Context.ai using their Vercel account, they granted Context.ai an OAuth token — a credential that allows the third-party tool to act on behalf of that Vercel account.

Step 3: The attackers used the compromised OAuth token to authenticate as the Vercel employee whose account had authorized Context.ai. OAuth tokens typically bypass multi-factor authentication — they grant access based on the original authorization, not on the current session security of the account holder.

Step 4: Using the employee account access, attackers reached internal Vercel systems. During this access, they were able to see non-sensitive environment variables — configuration values that were not marked as "Sensitive" in Vercel's environment variable settings.

What was protected: Environment variables that were marked as "Sensitive" in Vercel are stored encrypted and were not exposed. This is an important distinction — the encryption of sensitive variables worked as designed.

What may have been exposed: Environment variables that were not marked as Sensitive. If you stored credentials, API keys, or configuration values in Vercel without marking them Sensitive, those values may have been visible to the attackers.

---

The Root Cause: OAuth Trust and Over-Permissioned Apps

It is worth being precise about where this breach originated, because the lesson is more broadly applicable than "Vercel had a security problem."

Vercel did not fail. Context.ai was compromised. The OAuth integration worked exactly as designed — it authorized Context.ai to access Vercel on behalf of a user, and when Context.ai was compromised, attackers inherited that authorization. This is a supply chain attack: an attacker compromises a trusted tool in order to reach the systems that tool has access to.

This attack pattern does not require any failure by the primary platform. It requires only that a third-party tool you have trusted has been compromised or behaves maliciously. Every third-party integration you authorize — every "Connect with GitHub," every "Sign in with Google," every analytics tool, every CI/CD integration — represents a potential vector for exactly this kind of attack.

That is not a reason to avoid integrations. It is a reason to treat them with the same security scrutiny you apply to your own code and infrastructure.

---

Who Is Affected — And Who Should Act Regardless

Vercel's official communication indicates that the breach affected a limited set of users. If you received a direct notification from Vercel, you are confirmed as affected. If you did not receive a notification, you may not be in the directly affected set.

However, the appropriate response to "I did not receive a notification" is not "therefore nothing I had was exposed." It is "I do not know what was and was not exposed with certainty, and given the cost of rotating keys versus the cost of operating with potentially compromised credentials, I should rotate."

Assume worst-case and act accordingly. The cost of rotating keys that were never actually exposed is an hour of your time. The cost of not rotating keys that were exposed is potentially unlimited.

---

The Most Important Action: Rotate Your Keys

This is the primary step. Before anything else, before reading further, if you have credentials stored in Vercel environment variables that are not marked as Sensitive — rotate them.

Here is the correct process for each credential:

Step-by-Step Key Rotation

Step 1: Generate a new key at the source. Go to the service that issued the credential — AWS IAM, Stripe dashboard, your database provider, GitHub settings — and generate a new key or token. Do this before changing anything in Vercel.

Step 2: Update the credential in Vercel. Go to your Vercel project settings, find the environment variable, and update the value to the new credential. Do not delete the old one yet.

Step 3: Mark the variable as Sensitive. While you are in the environment variable settings, mark this variable as Sensitive if it is not already. This ensures it will be encrypted at rest and not exposed in the event of similar future incidents.

Step 4: Redeploy your application. Trigger a new deployment so your application picks up the new credential value. Verify that the deployment succeeds and the application is functioning correctly with the new key.

Step 5: Revoke the old key at the source. Only after confirming your application is working with the new credential, go back to the source service and revoke or delete the old key.

⚠️ Important: Deleting a credential from Vercel's environment variables does NOT disable or revoke it at the source service. The old key continues to work until you explicitly revoke it where it was issued. Always complete Step 5.

---

What to Rotate First: A Priority Framework

If you have many credentials to rotate, prioritize by the potential blast radius — what could an attacker do if they had this credential?

Tier 1 — Rotate Immediately

These credentials can cause the most damage if compromised. Do these first, today.

• Cloud provider credentials — AWS access keys, GCP service account keys, Azure client secrets. These can be used to spin up infrastructure, exfiltrate data, or run up enormous bills.
• Database connection strings — Direct access to your production data. If this credential is compromised, all of your user data is potentially accessible.
• Payment processing keys — Stripe secret keys, PayPal credentials, any payment provider API key. These can be used to initiate refunds, transfer funds, or access payment records.
• GitHub personal access tokens — Broad access tokens can be used to push malicious code to your repositories.

Tier 2 — Rotate This Week

• Third-party SaaS API keys (Sendgrid, Twilio, Mailgun)
• Analytics and monitoring service credentials
• Webhook signing secrets
• OAuth client secrets for your own applications

Tier 3 — Rotate When Convenient

• Internal configuration values that do not authenticate to external services
• Feature flags and non-secret configuration
• Development-environment-only credentials

---

Check Your Logs for Suspicious Activity

Rotating keys addresses the forward-looking risk. You also need to check whether anything suspicious already happened using potentially compromised credentials.

For each of your Tier 1 services, check the activity logs:

• AWS: CloudTrail → Event history. Look for API calls from unfamiliar IP addresses or unusual times, particularly CreateUser, PutBucketPolicy, or any actions involving IAM or S3.
• GCP: Cloud Audit Logs in the console. Filter by date range covering the period since you first set up the potentially exposed credentials.
• GitHub: Settings → Security → Audit log. Look for pushes, deployments, or webhook modifications you do not recognize.
• Vercel: Project Settings → Activity. Look for deployments you did not trigger or configuration changes you did not make.
• Stripe: Developers → Events in the Stripe dashboard. Look for refunds, customer data exports, or configuration changes you did not initiate.

If you find suspicious activity, document what you find before making changes, as you may need this information for incident response or legal purposes.

---

OAuth Risk: The Hidden Attack Vector

One of the most important lessons from this incident is the security risk posed by OAuth integrations — specifically that OAuth tokens typically bypass multi-factor authentication.

When you authorize a third-party tool to access your account using OAuth, you create a persistent credential that can authenticate on your behalf without needing your password or your MFA code. If the third-party tool is compromised, the attacker inherits that access. Your MFA, which would stop an attacker who tried to log in directly with your password, provides no protection against an attack that uses an OAuth token issued to a compromised integration.

The remediation: audit your OAuth integrations and revoke any that you do not actively use or do not need.

On GitHub: Settings → Applications → Authorized OAuth Apps

On Vercel: Account settings → Integrations

On Google: myaccount.google.com → Security → Third-party apps with account access

For every integration listed, ask: do I actively use this? Do I know what it has access to? If the answer to either question is no, revoke it. The principle should be: every authorized OAuth integration is a potential attack vector. Maintain only the ones you genuinely need, with the minimum permissions required for their function.

---

Security Improvements to Make Now

Enable hardware-based MFA or passkeys. Authenticator app-based MFA (Google Authenticator, Authy, 1Password) is significantly more secure than SMS-based 2FA. Passkeys, where supported, are the most phishing-resistant option currently available. Upgrade your MFA method on any account that holds credentials you care about.

Never use SMS-based 2FA for accounts that hold important credentials. SMS 2FA is vulnerable to SIM-swapping attacks and is not adequate protection for accounts with access to cloud infrastructure, payment systems, or production databases.

Mark every secret in Vercel as Sensitive. Go through your existing environment variables right now. If a variable holds a key, token, password, or connection string — mark it Sensitive. This ensures it is encrypted at rest and protected against future similar incidents.

---

The Broader Lesson: Supply Chain Attacks Are the New Normal

The Vercel incident is one instance of an attack pattern that has become one of the primary vectors for security breaches across the software industry. SolarWinds, Log4Shell, the XZ Utils backdoor — these are all variants of the same fundamental approach: compromise something that is trusted and use that trust to reach systems that would otherwise be unreachable.

The implication for developers and small teams is uncomfortable but important: your security is not determined solely by your own security practices. It is also determined by the security practices of every tool, library, and service you integrate with. This is not a reason to avoid integrations — modern software development is impossible without them. It is a reason to be deliberate and conservative about what you connect to what, and to assume that any integration could eventually be compromised.

---

Going Forward: Building Better Security Habits

Rotate credentials on a schedule. API keys and secrets should not live forever. Establish a routine — every 30 to 90 days — for rotating credentials for your highest-value services. Some services support automatic rotation; use it where available.

Apply least-privilege access everywhere. Every credential you create should have only the permissions it needs for its specific function. An API key that only needs to read from an S3 bucket should not have write permissions. An access token that only needs to send emails should not have access to your user database.

Consider a secrets management tool. For solo founders and small teams who want simplicity without sacrificing security, Doppler and Infisical are accessible options that provide centralized secret management with audit logging, rotation support, and consistent access controls. For teams with more complex needs, HashiCorp Vault and AWS Secrets Manager provide more sophisticated capabilities. GitGuardian can scan your repositories and development workflows for accidentally committed secrets.

Audit your OAuth integrations quarterly. Set a calendar reminder. Every three months, go through your authorized applications on every platform that matters and revoke anything you are not actively using.

---

The Real Risk Is Identity and Secrets, Not Infrastructure

Modern cloud infrastructure is generally well-secured at the network and system level. The successful attacks against modern software companies almost invariably target the human and credential layer — stolen tokens, compromised integrations, over-permissioned third-party tools, and secrets stored in ways that make them accessible to anyone who reaches the systems they are stored in.

This incident reinforces a principle that security professionals have been articulating for years: protecting your infrastructure means protecting your identities and secrets, not just your servers.