Are OAuth Tokens the New Passwords?

Allen Moffett

Managing Director, Simeio
April 24, 2026

Allen Moffett is a Managing Director at Simeio Solutions and was previously the Global Head of Identity Security at Atos. He has been leading the implementation and operation of IAM and cybersecurity services businesses and advising customers on Identity Security for over 35 years, previously working for organizations such as Unisys, Siemens, and Banyan Systems.

He has been actively involved in industry organizations such as the Electronic Messaging Association, the Smart Card Alliance (now the Security Technology Alliance), and the Identity Defined Security Alliance as a member of the Executive Advisory Board.

Another week, another identity-related cybersecurity incident that serves as a wake-up call. Vercel, a US-based cloud application company that created and maintains the Next.js web development framework, announced an incident involving a compromised OAuth token that resulted in the compromise of data for a limited subset of customers. According to Vercel, the attack announced on April 19th was a downstream incident that originated with a compromise of a third-party AI tool from Context.ai. The Context.ai incident apparently occurred in March, but it was not publicly announced until April 19th, in a security bulletin released when the Vercel incident was announced. While the identity of the attacker is unconfirmed, a threat actor group called ShinyHunters is claiming credit for the incident and has set a sale price of $2M for the compromised Vercel data. ShinyHunters is a financially motivated cyber-extortion group best known for stealing large volumes of data and threatening to leak it unless victims pay. They are also responsible for a recent vishing attack on Salesforce. ShinyHunters is a reference case for a modern identity-centric threat actor:

  • Identity misuse instead of exploits. Initial access typically involves social engineering, stolen credentials/OAuth tokens, and misconfigured or overprivileged access.
  • SaaS access instead of network intrusion
  • Data extortion instead of ransomware
  • Third-party and supply-chain identity trust as a core weakness

What Happened?

While Vercel is not a Context.ai customer, a Vercel employee used a Context.ai product as a productivity tool. Accounts of the subsequent actions vary by reporting source, but the employee then granted “Allow All” permissions to Context.ai in Vercel’s enterprise Google Workspace and gave Context.ai full read access to his Google Drive. Using the OAuth token stolen in the Context.ai compromise, attackers took over the employee’s Google Workspace account without triggering MFA or password prompts and accessed some Vercel environments and environment variables that were not marked as “sensitive”. In a bulletin, Vercel included the Indicators of Compromise that Vercel customers should look for, as well as recommendations for its customers to follow.

To summarize, a compromised OAuth token with extensive permissions resulted in the takeover of an account and access to systems and data. The initial compromise at Context.ai enabled the lateral movement and downstream compromise at Vercel.

What can we learn from this?

The growing volume of non-human identities and AI agents is turning OAuth tokens into the new passwords. They are long-lived, over-scoped, and poorly monitored. MFA is ineffective when attackers use pre-authorized OAuth tokens. Agentic AI makes it worse because these platforms sit at the center of a hub of OAuth grants with expansive scopes. The same rigor and governance that we apply to human identities is needed for these non-human identities.

There are some quick wins that can be implemented immediately.

  • Block user-installed OAuth applications. Require admin approval.
  • Rotate all existing third-party OAuth tokens
  • Default all secrets/environment variables to encrypted
  • Enable OAuth anomaly alerts
  • Publish and enforce an approved AI/SaaS tool list

In addition to these quick wins, a more in-depth control framework covering NHI and OAuth specifically should be implemented longer term, including:

  • Update policies and procedures relating to NHIs and AI agents
  • Enforce least-privilege. Disallow “allow all” or broad scopes by default and use app-specific, read-only scopes where possible.
  • Harden environment variables
  • Implement security monitoring and detection targeted at NHIs and the use of tokens such as OAuth with response playbooks and automation
  • Use OIDC-based workload identities instead of static tokens where possible. Use ephemeral or short-lived tokens if tokens must be used.
  • Use a unique identity per NHI, not shared human credentials
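The quick wins and the control framework above both come down to the same audit questions: is the app on the approved list, was it admin-approved, is the grant over-scoped, and is the token overdue for rotation. The following script, an added example that is not from the original post or from any vendor, runs those checks over a constructed export of OAuth grants; the allow-list, the set of scopes treated as broad, and the 90-day rotation threshold are assumptions to be replaced with your own policy.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Scopes treated as "broad" (an "Allow All" style grant). Illustrative list:
# a real policy would be built from the provider's full scope catalogue.
BROAD_SCOPES = {
    "https://www.googleapis.com/auth/drive",   # read/write to all of Drive
    "https://mail.google.com/",                # full mailbox access
}
# The published AI/SaaS allow-list (constructed names, not real apps).
APPROVED_APPS = {"corp-calendar-sync", "ticketing-bot"}
MAX_TOKEN_AGE = timedelta(days=90)             # rotation threshold (assumption)

@dataclass
class Grant:
    app: str
    user: str
    scopes: list[str]
    issued_at: datetime
    admin_approved: bool = False

def audit_grant(g: Grant, now: datetime) -> list[str]:
    """Return the policy findings for one OAuth grant; an empty list means compliant."""
    findings = []
    if g.app not in APPROVED_APPS:
        findings.append("unapproved-app")
    if not g.admin_approved:
        findings.append("user-installed")
    broad = sorted(s for s in g.scopes if s in BROAD_SCOPES)
    if broad:
        findings.append("broad-scope:" + ",".join(broad))
    if now - g.issued_at > MAX_TOKEN_AGE:
        findings.append("stale-token")
    return findings

def audit(grants: list[Grant], now: datetime) -> dict[tuple[str, str], list[str]]:
    """Audit every grant; key is (app, user) so one user with several apps stays distinct."""
    return {(g.app, g.user): audit_grant(g, now) for g in grants}

# Constructed sample export, not real data.
NOW = datetime(2026, 4, 24, tzinfo=timezone.utc)
SAMPLE = [
    Grant("ai-notetaker", "alice@example.com",
          ["https://www.googleapis.com/auth/drive", "https://mail.google.com/"],
          NOW - timedelta(days=45)),                                     # user-installed, broad
    Grant("corp-calendar-sync", "bob@example.com",
          ["https://www.googleapis.com/auth/calendar.readonly"],
          NOW - timedelta(days=200), admin_approved=True),               # approved but stale
    Grant("ticketing-bot", "svc-tickets@example.com",
          ["https://www.googleapis.com/auth/drive.file"],
          NOW - timedelta(days=10), admin_approved=True),                # compliant
]

if __name__ == "__main__":
    for key, findings in audit(SAMPLE, NOW).items():
        print(key, findings or "ok")
```

The same checks can be scheduled against a real grant export to drive the "OAuth anomaly alerts" quick win, with each finding type mapped to a response playbook.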

In Conclusion

This is becoming a common tale, and it is preventable. Applying security to NHIs, especially AI agents and DevOps pipelines, is not optional. Static tokens, especially when overpermissioned, have become a common attack vector. Don’t let your organization be the next victim. Start a review of related policies and consider implementing these quick wins.

How does your IAM program measure up?

What area should be your first priority?

Simeio’s advisory and benchmarking service team provides a clear, quantifiable assessment of your identity management system, highlighting both strengths and areas for improvement. Schedule a session now to explore critical aspects of your identity fabric from onboarding to risk management. Gain a clear roadmap for enhancing your identity platform, closing gaps, and strengthening your enterprise’s security foundation.