Security Update
Security Incident Response Statement
What you need to know
- The incident affects the deprecated Context AI Office Suite, our legacy consumer product.
- If you used the AI Office Suite: we will reach out directly to anyone we identify as potentially impacted. You do not need to wait — email security@context.ai with your account email and we will prioritize your inquiry.
- If you are a current Context Bedrock customer: this incident does not affect your deployment, which runs in your own environment.
We are supporting a subset of AI Office Suite users potentially impacted by a recent security incident that we detected and stopped. This incident does not affect Context’s enterprise customers, whose Bedrock deployments run in their own infrastructure. We are publishing this statement to clearly outline what is known today, the actions we have taken, and how we are supporting potentially impacted users.
We know how disruptive incidents like this are for the people affected, and we are committed to being transparent about what happened and how we are responding. We will keep this page updated as we discover more.
Background on the AI Office Suite
In June 2025, we released Context AI Office Suite, a self-serve consumer-targeted workspace designed to help users work with AI agents to build presentations, documents, and spreadsheets. The AI Office Suite offered a feature that allowed consumer users to enable AI agents to perform actions across their external applications, facilitated via another third-party service.
This feature and the entire consumer offering were separate from our current enterprise product, which is built to run on premises in customer environments.
Our Response to a Security Incident
Last month, we independently identified and stopped a security incident involving unauthorized access to our AWS environment. At the time, we engaged CrowdStrike, a leading forensic firm, conducted an investigation, and informed a customer we identified as impacted. We also closed the AWS environment, hosting service, and associated resources to fully deprecate the consumer product.
Recently, based on information provided by Vercel and additional internal investigation, we learned that OAuth tokens belonging to some AI Office Suite users were compromised during the incident. One of those tokens was used by the attacker to access Vercel’s Google Workspace. Vercel is not a Context customer, but it appears that at least one employee enabled “allow all” on all requested Google Workspace permissions using their Vercel Google Workspace account. These permissions were intended to grant AI agents the ability to perform Google Workspace actions such as writing emails or creating documents on the grantee’s behalf.
We are contacting everyone we have identified as potentially impacted with specific guidance on next steps. We continue to work with CrowdStrike to validate our containment and confirm the full set of affected tokens. Token theft occurred while the AWS environment was still live; that environment and the AI Office Suite’s OAuth application have since been taken down.
We are continuing to verify impact and expect to share further confirmed findings as the investigation progresses. Updates will be posted to this page.
Where we stand
Today, Context serves enterprise customers through an entirely separate platform designed for controlled deployments in customer-owned environments, including air-gapped and on-premises configurations. This current platform is architecturally distinct and fully separated from legacy consumer systems, including the experimental integration referenced above. These implementations are not impacted by this incident.
Following the incident last month, we worked with CrowdStrike to harden our remaining AWS environment — including additional encryption, segmentation, authentication, and monitoring controls — and to strengthen endpoint security and privileged-access controls across the company. We will continue to invest in these controls as the investigation concludes.
Updates
- Apr 21, 2026 · 9:00 AM PT: Added context on the intended functionality behind permission grants.
- Apr 20, 2026 · 6:03 PM PT: Revised the Response section with updated findings and containment detail from the ongoing investigation.
- Apr 20, 2026 · 7:06 AM PT: Added a summary and guidance for AI Office Suite users and current Bedrock customers.
- Apr 19, 2026: Initial statement published.
Contact
For questions related to this matter, please contact security@context.ai.