A communal user account utilized by WeWork personnel for managing printer configurations and print tasks was protected by an exceptionally basic password – one so uncomplicated that a client successfully determined it.

Jake Elsley, a WeWork customer based in London, explained that he discovered the user account when a WeWork staff member at his workspace inadvertently left it in a logged-in state.

Typically, WeWork patrons such as Elsley are provided with a seven-digit username and a four-digit PIN for document printing at WeWork facilities. However, the username for the account employed by WeWork employees consisted of only four digits: “9999”. Elsley informed TechCrunch that he correctly guessed the password as it matched the username. (“9999” is recognized as a frequently used password, rendering it particularly vulnerable.)

The “9999” account is employed by WeWork community managers – those responsible for the daily functioning of each location – to print materials for guests who do not possess individual printing accounts. This account does not grant access to print jobs associated with other customer accounts.

Elsley stated that while the “9999” account did not reveal the content of documents beyond their file names, gaining access to the WeWork printing web portal could have enabled him to authorize the release of other individuals’ pending print jobs submitted to the “9999” account to any printer within the WeWork network.

Access to the printing web portal is limited to WeWork’s Wi-Fi networks, according to Elsley. This includes the complimentary guest Wi-Fi network, which does not require a password, and WeWork’s primary Wi-Fi network, which utilizes a password that has become publicly known.

Elsley contacted TechCrunch with a request to notify the company regarding this security vulnerability.

“WeWork prioritizes the confidentiality and security of both our members and our team,” stated WeWork representative Colin Hart. “We promptly launched an inquiry into this potential problem and implemented measures to resolve any identified issues. Furthermore, we are nearing completion of a comprehensive, months-long initiative to enhance all our printing functionalities with a leading-edge security and user experience solution. We anticipate this upgrade will be finalized in the weeks ahead.”

WeWork has confirmed that the password for the “9999” user account has since been modified.