ServiceNow tells customers a bug left some of their data exposed to the internet
Cloud technology giant ServiceNow appears to have notified some of its enterprise customers that a software bug on its platform was allowing anyone on the
Cloud technology giant ServiceNow appears to have notified some of its enterprise customers that a software bug on its platform was allowing anyone on the internet to access their data. A knowledge base article, which ServiceNow has hidden behind a login wall but has been shared on Reddit, says the company on June 5 patched some customer instances to fix a bug that had allowed unauthenticated users to âgain greater accessâ to ServiceNow-hosted data than intended. The bug allowed potentially anyone to obtain data stored in customer instances without requiring credentials, such as a password.
Itâs not clear who had improper access to ServiceNow customers, what data was accessed or taken, or if any group was involved. Given that the security incident appears to stem from a data-exposing bug, itâs unclear if customers could have protected themselves from improper access. ServiceNow is a cloud computing giant that allows thousands of its enterprise customers to automate their internal business processes. Companies use the tech giantâs platform to build workflows that connect to various apps and databases, such as IT and HR systems, which can be used to automatically handle repeat tasks, like onboarding staff, resolving tech support tickets, and for chatbots.
As such, companies like ServiceNow are high-value targets for hackers thanks to the amount of sensitive data that they store, such as customer support tickets, which can include passwords, keys and credentials. ServiceNow said the issue relates to customer instances running its Australia releases, but several people on Reddit say they have identified evidence of external access to ServiceNow instances running other versions of its software. Network defenders shared an IP address, 51.159.98.241, said to be an indicator of potential compromise if found in a customerâs logs.
A spokesperson for ServiceNow did not immediately return TechCrunchâs email requesting comment and seeking answers on how many customers are affected, or how long the bug had exposed the data. Corrected the seventh paragraph to update references to the Australia releases, unrelated to geography.
The BriefWire