What Is a Supply Chain Attack? Inside the Vercel Breach
[Figure: supply chain diagram showing an OAuth app chain with a compromised node]

Web infrastructure provider Vercel confirmed last weekend that its internal systems were breached through a compromised third-party AI tool, Context.ai, used by one of its employees. According to BleepingComputer, the attackers pivoted through a legitimate OAuth app into the employee's Google Workspace account, and from there into Vercel's deployment environment. It is a textbook supply chain attack, and a class of risk every business should understand.

The plain-English version

A supply chain attack is when attackers don't break into their real target directly. They compromise something the target already trusts (a software vendor, an IT provider, an integration, or an OAuth-connected app) and ride that trust inward. Think of it as walking through the front door carrying a delivery instead of climbing the fence.

The classic examples were software update channels (SolarWinds, 3CX). The modern twist is identity and AI tooling. Every time a staff member connects a third-party app (an AI note-taker, a meeting summariser, a productivity add-in), that app, and the access token it now holds for your tenant, becomes part of your supply chain. If the vendor is breached, the attacker inherits that token and the permissions behind it.

Why it matters for your business

You probably have dozens of OAuth-connected apps in your Microsoft 365 or Google Workspace tenant right now. Most were approved by individual staff, not reviewed by IT. Under Australia's Privacy Act you remain responsible for the personal information you hold: if one of those apps is compromised and exposes customer data, the obligations fall on you, not on the vendor.

One practical step this week

Audit the OAuth-connected apps in your Microsoft 365 or Google Workspace tenant, paying particular attention to apps a single user consented to that hold broad mail, file or directory permissions, and remove anything staff no longer use. If you haven't restricted who can consent to new apps, do that today. Talk to us if you need help reviewing your tenant.
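As an added example (not from the original post, and not Vercel's or BleepingComputer's material), here is what that audit looks like in a Microsoft 365 tenant using the Microsoft Graph PowerShell SDK: list every delegated OAuth grant, resolve it to the app and publisher, flag grants that a single user consented to and that carry standing access (offline_access, i.e. a refresh token) plus a sensitive scope, then revoke what you no longer want and turn off self-service consent. The list of "risky" scopes and the CSV file name are assumptions chosen for illustration; the cmdlets and property names are the SDK's own.

```powershell
# Added example, not from the original post: audit delegated OAuth grants in a
# Microsoft 365 / Entra ID tenant, flag the risky ones, and optionally revoke them.
# Requires: Install-Module Microsoft.Graph
Connect-MgGraph -Scopes "Application.Read.All", "DelegatedPermissionGrant.ReadWrite.All", "Policy.ReadWrite.Authorization"

# Assumed list for illustration: scopes that hand an app broad access to mail,
# files or the directory. Tune it to what matters in your tenant.
$RiskyScopes = @(
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All", "Sites.ReadWrite.All",
    "Directory.ReadWrite.All", "User.ReadWrite.All"
)

# Resolve service principal IDs to names once, so each grant lookup is a hash hit.
$ServicePrincipals = @{}
Get-MgServicePrincipal -All | ForEach-Object { $ServicePrincipals[$_.Id] = $_ }

$Report = foreach ($Grant in Get-MgOauth2PermissionGrant -All) {
    $Client = $ServicePrincipals[$Grant.ClientId]
    $Scopes = $Grant.Scope -split " " | Where-Object { $_ }
    $Risky  = $Scopes | Where-Object { $RiskyScopes -contains $_ }

    [pscustomobject]@{
        GrantId        = $Grant.Id
        App            = if ($Client) { $Client.DisplayName } else { "<unknown> $($Grant.ClientId)" }
        Publisher      = if ($Client) { $Client.PublisherName } else { "" }
        # "Principal" = one user consented for themselves; "AllPrincipals" = an admin consented tenant-wide.
        ConsentType    = $Grant.ConsentType
        ConsentedBy    = $Grant.PrincipalId
        # offline_access means the app holds a refresh token and keeps working while the user is away.
        StandingAccess = $Scopes -contains "offline_access"
        RiskyScopes    = ($Risky -join " ")
        AllScopes      = $Grant.Scope
    }
}

# The Context.ai pattern: an app one user approved, with standing access to sensitive data.
# If that vendor is breached, the attacker inherits a working token.
$ToReview = $Report | Where-Object {
    $_.ConsentType -eq "Principal" -and $_.StandingAccess -and $_.RiskyScopes
}
$ToReview | Sort-Object App | Format-Table App, Publisher, ConsentedBy, RiskyScopes -AutoSize

# Keep the full picture for the record (file name is an assumption).
$Report | Export-Csv -Path ".\oauth-grants-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation

# Revoke a grant nobody uses any more (uncomment after reviewing the report).
# Deleting the grant stops the app refreshing its token, but access tokens already
# issued stay valid until they expire (about an hour); to cut those off too,
# revoke the affected user's sessions.
# Remove-MgOauth2PermissionGrant -OAuth2PermissionGrantId "<GrantId from the report>"
# Revoke-MgUserSignInSession -UserId "<ConsentedBy from the report>"

# Stop further self-service consent: an empty policy list means users cannot consent
# to any app themselves. Enable the admin consent workflow in the Entra portal as well,
# so requests reach an approver instead of silently failing.
# Update-MgPolicyAuthorizationPolicy -DefaultUserRolePermissions @{ PermissionGrantPoliciesAssigned = @() }
```

Run the report first and decide with the business owners what stays; only then uncomment the revocation and policy lines. Google Workspace exposes the same controls in the Admin console under Security > API controls (app access control), where you can review connected third-party apps, mark them trusted or blocked, and restrict which Google data unreviewed apps may request.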
