There's a recently discovered flaw by iDownloadBlog that lets thieves reset a stolen Apple Watch without a hitch, which is the result of Apple not including the Activation Lock feature that iPhones have had since iOS 7.
Activation Lock requires your Apple ID and password to erase or reactivate an iPhone, but the Watch has no such feature, as shown below.
Basically, a hard reset can be performed by thieves on a stolen Apple Watch by long-pressing on the side button until the power menu appears. Then you Force Touch on the display until a new option appears for "Erase all content and settings." This option totally wipes the Watch clean.
The only catch to this vulnerability is that the Watch needs to be connected to a power source for the reset option to appear, so resetting the Watch on the go is not going to be easy.
This exploit comes after another one that we've recently found, one that lets quick-fingered thieves steal your Watch and access the Watch without needing your passcode. This lets them use Apple Pay to make purchases at nearby stores before you have a chance to remove the device from your Apple Pay settings in iCloud.
With both of these exploits, it's apparent that tighter security needs to come via a firmware update very soon.