WeTransfer, a cloud-based file transfer service announced that it shared users’ sensitive files to people who were not intended to receive the files.
The big picture
The file sharing service notified its users via email that on June 16 and 17, 2019, the files shared using the WeTransfer service were also shared with people who were not intended to receive the files.
“We have learned that a transfer you sent or received was also delivered to some people it was not meant to go to. Our records show those files have been accessed, but almost certainly by the intended recipient. Nevertheless, as a precaution, we blocked the link to prevent further downloads.
As your email address was also included in the transfer email, please keep an eye out for any suspicious or unusual emails you receive,” WeTransfer said in the email notification sent to users, BleepingComputer reported.
What actions were taken?
“This incident took place on June 16th and 17th, and upon discovery, we immediately took precautionary security measures to protect our users. This means that users might have been logged out of their account or asked to reset their password in order to safeguard their account. Additionally, we have blocked Transfer links to ensure the security of our users’ Transfers,” WeTransfer said in a security notice.