ServiceNow, the cloud computing giant used by thousands of major companies worldwide, has admitted that a security bug left customer data exposed to the internet. On June 5, the company notified affected enterprise customers that it had patched the bug. Anyone with an internet connection could have accessed sensitive company data without a password or credentials.
ServiceNow's knowledge base article detailing the incident is now behind a login wall, but Reddit users obtained copies. The platform helps thousands of enterprises automate internal business processes. Exposed data could include IT support tickets, HR systems, passwords, API keys, and confidential credentials.
ServiceNow has not disclosed how many customers were affected, what information was accessed, or whether hackers actively exploited the vulnerability. The company has not answered who accessed the data or for how long.
While ServiceNow claims the bug only affected customer instances running its Australia releases, Reddit users say they've found evidence suggesting other software versions were compromised. Network defenders are flagging a specific IP address — 51.159.98.241 — as a potential indicator of compromise.
Companies like ServiceNow store large volumes of sensitive enterprise data, making them high-value targets for cybercriminals. When security fails at this scale, thousands of businesses face the fallout.
ServiceNow's media team has not responded to requests for comment about the scope of the breach or timeline. Enterprise customers are left uncertain about what damage occurred while their data was accessible online.
