ServiceNow tells customers a bug left some of their data exposed to the internet

ServiceNow is used by thousands of enterprises to automate their internal processes, but says several customers had data accessed because of a security bug.
The Hacker News

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

A ServiceNow security issue allowed unauthenticated users, in certain circumstances, to gain greater access to susceptible ...

ServiceNow discloses security incident exposing customer data

ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable ...
Crypto Briefing

ServiceNow patches vulnerability exploited against some customers

ServiceNow confirmed attackers exploited an unauthenticated API flaw to access customer data before a June 5 patch, the third ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...
Dark Reading

Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data

One-thousand instances of enterprise knowledge bases (KBs) hosted by ServiceNow were found to be exposing sensitive corporate data over the past year, despite improvements in data protection that the ...
Bleeping Computer

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.