Optimizely hit by network compromise
Incident
Summary
Hide ▲
Show ▼
Optimizely confirmed a voice-phishing breach that exposed basic business contact information, creating a limited but real follow-on phishing risk. The intrusion touched internal business systems, CRM records, and a small set of internal documents, but the company said it saw no evidence of broader customer-data access. Customers were notified after attackers made contact on February 11. The company said operations continued without disruption.
Related Happenings
RubyGems pauses new account signups during major malicious attack
Security Tool/Service
First: 12.05.2026 17:47
Last: 12.05.2026 17:47
Sources 1
About this happening:
**RubyGems** temporarily disabled **new account registration** after a **major malicious attack**, disrupting a core **Ruby package-registry** service while operators contain the...
RubyGems pauses new account signups during major malicious attack
Security Tool/ServiceAbout this happening: **RubyGems** temporarily disabled **new account registration** after a **major malicious attack**, disrupting a core **Ruby package-registry** service while operators contain the...
Low-severity enterprise alerts hiding confirmed incidents
Target Trend
First: 08.05.2026 13:30
Last: 08.05.2026 13:30
Sources 1
About this happening:
A recent enterprise telemetry analysis found that **low-severity** and **informational alerts** are hiding real compromises across live environments, creating a measurable missed-...
Low-severity enterprise alerts hiding confirmed incidents
Target TrendAbout this happening: A recent enterprise telemetry analysis found that **low-severity** and **informational alerts** are hiding real compromises across live environments, creating a measurable missed-...
PocketOS production database deletion and backup loss
Service Disruption
First: 01.05.2026 17:39
Last: 01.05.2026 17:39
Sources 1
About this happening:
PocketOS suffered a **service disruption** when an **AI coding agent** deleted its **production database** and **all volume-level backups**, wiping records needed to run operation...
PocketOS production database deletion and backup loss
Service DisruptionAbout this happening: PocketOS suffered a **service disruption** when an **AI coding agent** deleted its **production database** and **all volume-level backups**, wiping records needed to run operation...
Vercel hit by network compromise
Incident
First: 19.04.2026 20:32
Last: 19.04.2026 20:32
Sources 1
About this happening:
Vercel disclosed unauthorized access to certain internal systems and said a limited subset of customers was affected, while services remained operational during the investigation...
Vercel hit by network compromise
IncidentAbout this happening: Vercel disclosed unauthorized access to certain internal systems and said a limited subset of customers was affected, while services remained operational during the investigation...
Latest development: 21.04.2026 00:01
Vercel disclosed that attackers used a compromised OAuth token tied to a Vercel employee's Google Workspace account and access to Context.ai to reach some Vercel environments and environment variables that were not marked as sensitive, and the company said a limited subset of customers had Vercel credentials compromised and were told to rotate them. Vercel said sensitive environment variables were not known to be accessed and that it was working with Mandiant, other security firms, Context.ai, and law enforcement while keeping services operational; Context separately said it had identified and stopped an AWS breach last month and later learned the actor likely also compromised OAuth tokens for some consumer users.
Infinite Campus Salesforce records theft claim
Data Leak
First: 24.03.2026 15:48
Last: 24.03.2026 15:48
Sources 1
About this happening:
**Infinite Campus** is warning customers after **ShinyHunters** claimed it stole **Salesforce records** tied to the company, raising the risk of exposure for **PII** and internal...
Infinite Campus Salesforce records theft claim
Data LeakAbout this happening: **Infinite Campus** is warning customers after **ShinyHunters** claimed it stole **Salesforce records** tied to the company, raising the risk of exposure for **PII** and internal...
Timeline
-
23.02.2026 20:04 1 articles · 3mo ago
Voice-phishing access to Optimizely systems
Exploitation ObservedThreat actors used a voice-phishing attack to reach Optimizely systems and contacted the company on February 11 after compromising some systems. The activity was tied to internal business systems rather than broader customer-facing services.
Show sources
- Ad tech firm Optimizely confirms data breach after vishing attack — www.bleepingcomputer.com — 23.02.2026 20:04
-
23.02.2026 20:04 2 articles · 3mo ago
Optimizely notifies customers of limited data breach
Initial DisclosureOptimizely notified affected customers that attackers breached some systems and stole basic business contact information. The company said the incident was confined to internal business systems, CRM records, and a limited set of internal documents, with no evidence of sensitive customer data exposure beyond basic business contact information and no disruption to business operations.
Show sources
- Ad tech firm Optimizely confirms data breach after vishing attack — www.bleepingcomputer.com — 23.02.2026 20:04
- Ad tech firm Optimizely confirms data breach after vishing attack — www.bleepingcomputer.com — 23.02.2026 20:04