Customer data leaked due to a vulnerability in the ServiceNow platform

Cloud giant ServiceNow has warned its corporate customers that data may have been exposed on the internet due to a software flaw in its platform. According to a confidential report shared on Reddit, a vulnerability was patched on June 5 that allowed unauthenticated users to access data hosted on ServiceNow. This is reported by Techcrunch.com .

This flaw allowed unauthorized individuals to access data stored in customer instances without requiring a password or login. So far, there is no precise information on who accessed this data, what type of information was stolen, or whether any hacking group was involved in the process.

ServiceNow helps thousands of large companies automate their internal business processes. Companies use this platform to manage IT and HR systems, recruitment processes, and technical support services. Therefore, platforms like ServiceNow are highly attractive targets for hackers, as they may contain sensitive passwords, keys, and other critical data.

Although company officials stated that the issue mainly affected customers in Australia, Reddit users claim that unauthorized access has been observed in other regions as well. Cybersecurity experts identified the IP address 51.159.98.241 as suspicious and advised customers to check their log files.

So far, ServiceNow representatives have not officially responded to TechCrunch's inquiries regarding how many customers were affected and how long the vulnerability remained open. This incident has raised further serious concerns about the security of cloud services.