Security scans of a WeWork building in New York’s Financial District uncovered security vulnerabilities in the company’s WiFi network that exposed financial records and devices of companies in the building.
A tenant moving into the building in 2015 began scanning the facilities to ensure his company wouldn’t be vulnerable to attack, according a CNET report, and discovered that the shared workspace company’s network leaked data like a sieve. His disclosure to WeWork management was shrugged off, the tenant, Teemu Airamo said.
“I said, ‘Did you know that we can actually see all this?’ The answer was, ‘yeah, eh,'” the report cited Airamo as saying. He has continued to conduct regular scans and CNET said a review of the findings showed 658 exposed devices leaking out information.
“Investors now factor cybersecurity in both the valuation and due diligence of pre-IPO companies like WeWork. WeWork’s inadequate measures toward data protection exposes them to more than just risk of a data breach, but it also has the potential to devalue it in this critical pre-IPO stage,” said Mike O’Malley, vice president of strategy at Radware. “Further, it has the potential to increase the risk exposure for every company that operates from a WeWork facility— especially the tech startups that are managing highly sensitive IP and customer data.”