ServiceNow data exposure: Bug allowed internet access to customer info

Cloud computing company ServiceNow has informed some clients about a software flaw that inadvertently exposed their data to the public internet. The vulnerability allowed unauthorized individuals to access information without needing login credentials.

ServiceNow stated the issue was not a malicious hack but rather the result of security researchers probing for weaknesses to submit bug bounty reports. The company has since patched the instances affected, which were primarily related to its Australia releases, though some users reported signs of broader exposure.

This incident highlights the critical need for robust security in cloud platforms that handle sensitive enterprise data, as vulnerabilities can have widespread implications for customer privacy and operational integrity.