The personal and contact information of other potential customers as well as client contracts, some of which contained bank account information, were made available to the public online by WeWork developers.
A portion of WeWork clients with locations in India, China, and Europe were impacted by the problem.
Leaking some of their employees' remote addresses is a very sensitive OpSec issue for some of the affected customers.
Numerous people's phone numbers and addresses are included in the data, along with bank account information for others.
TPRM report: https://scoringcyber.rankiteo.com/company/wework
"id": "wew1131523",
"linkid": "wework",
"type": "Data Leak",
"date": "11/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Real Estate',
'location': ['India', 'China', 'Europe'],
'name': 'WeWork',
'type': 'Company'}],
'attack_vector': 'Developer Error',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Contact Information',
'Client Contracts',
'Bank Account Information']},
'description': 'The personal and contact information of other potential '
'customers as well as client contracts, some of which '
'contained bank account information, were made available to '
'the public online by WeWork developers. A portion of WeWork '
'clients with locations in India, China, and Europe were '
"impacted by the problem. Leaking some of their employees' "
'remote addresses is a very sensitive OpSec issue for some of '
"the affected customers. Numerous people's phone numbers and "
'addresses are included in the data, along with bank account '
'information for others.',
'impact': {'data_compromised': ['Personal Information',
'Contact Information',
'Client Contracts',
'Bank Account Information'],
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'title': 'WeWork Data Leak',
'type': 'Data Leak'}