A shared user account used by WeWork employees to access printer settings and print jobs had such an incredibly simple password that a customer guessed it, according to TechCrunch. WeWork customers normally have an assigned seven-digit username and a four-digit passcode used for printing documents at WeWork locations. But the username for the account used by WeWork employees was just four-digits: “9999” – and the password was the same as the username. The “9999” account is used by and shared among WeWork community managers, who oversee day-to-day operations at each location, to print documents for visitors who don’t have accounts to print on their own. The account cannot be used to access print jobs sent to other customer accounts. While this shared account could not see the contents of documents beyond file names, logging into the WeWork printing web portal could allow users to release other people’s pending print jobs sent to the “9999” account to any other WeWork printer on the network.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
