
How One Overpermissioned Login Link Bridged Two Companies
A Vercel employee gave Context.ai excessive login permissions during an app integration. Attackers exploited those credentials to access the employee's Google account, then broke into Vercel's systems to steal customer data. The breach highlights a common risk: when login systems grant too much access, they can accidentally create security gaps between companies. Worth flagging: simplicity in integration often trades off against security controls.