ServiceNow Patched June 5 Bug Exposing Customer Data, as Access Spread Beyond Australia Claims
Updated
Updated · TechCrunch · Jun 10
ServiceNow Patched June 5 Bug Exposing Customer Data, as Access Spread Beyond Australia Claims
2 articles · Updated · TechCrunch · Jun 10
Summary
June 5 patches were applied to some ServiceNow customer instances after the company said a software bug let unauthenticated internet users access hosted data without credentials.
The flaw affected Australian customer instances, ServiceNow said, but Reddit users outside Australia reported signs of external access to their own environments.
What was accessed, how many customers were affected and how long the bug was active remain unclear; the company did not immediately answer questions on scope or misuse.
ServiceNow’s platform underpins enterprise IT and HR workflows, making exposed instances especially sensitive because support tickets and connected systems can contain passwords, keys and other credentials.
Network defenders circulated IP address 51.159.98.241 as a possible indicator of compromise for customers reviewing logs after the disclosure.