A note from the Pipeboard team

Hi there,

We want to be upfront with you about something that happened this week. Our hosting provider, Vercel, reported a security incident on April 19, 2026. An attacker gained temporary access to some of their internal systems through a compromised third-party tool. Vercel has confirmed the issue is contained and that sensitive, encrypted credentials were not exposed.

Even so, we decided not to wait. As a precaution, we rotated every credential and key that could have been touched, and rolled the changes out across all of our systems — the Pipeboard web app, the Meta Ads and Google Ads integrations, our MCP servers, and our reporting pipeline.

What this means for you

• Your ad accounts are safe. We saw no signs of unusual activity on any customer account, and your connections to Meta and Google were never at risk from this incident.
• Your data is safe. We have no evidence that any Pipeboard customer data was accessed.
• You may have seen some hiccups. Rotating so many credentials at once briefly disrupted parts of the product. Some of you may have noticed reports that were slow to send, connections that needed to be reconnected, or the occasional error message. We are sorry for the inconvenience.

Everything is back to normal now, and we are double-checking each system to make sure nothing is missed.

Why we moved so fast

When something like this happens, there is a choice between waiting for more details or acting immediately to protect customers. We chose to act. Better a few hours of turbulence than even a small chance of an exposed credential sitting out there.

We are here to help

If anything is still not working right for you — a broken connection, a missing report, a campaign you are not sure about — please reach out. We will make it right.

Just head to /support and our team will get back to you quickly.

Thank you for trusting us with your advertising. We do not take that lightly, and we are grateful for your patience this week.

— The Pipeboard team