- WeTransfer disclosed that on June 16 and 17, 2019, the files shared using its service were also shared with people who were not intended to receive the files.
- The file sharing service has blocked the transfer links to prevent further downloads.
WeTransfer, a cloud-based file transfer service announced that it shared users’ sensitive files to people who were not intended to receive the files.
The big picture
The file sharing service notified its users via email that on June 16 and 17, 2019, the files shared using the WeTransfer service were also shared with people who were not intended to receive the files.
- WeTransfer stated that its team is working hard to contain the situation.
- The file sharing service also stated that they have blocked the link to prevent further downloads.
“We have learned that a transfer you sent or received was also delivered to some people it was not meant to go to. Our records show those files have been accessed, but almost certainly by the intended recipient. Nevertheless, as a precaution, we blocked the link to prevent further downloads.
As your email address was also included in the transfer email, please keep an eye out for any suspicious or unusual emails you receive,” WeTransfer said in the email notification sent to users, BleepingComputer reported.
What actions were taken?
- WeTransfer is conducting an investigation to determine the cause of the incident.
- It has logged out some user accounts and has asked those users to reset their passwords.
- It has further blocked Transfer links to avoid further transfers.
“This incident took place on June 16th and 17th, and upon discovery, we immediately took precautionary security measures to protect our users. This means that users might have been logged out of their account or asked to reset their password in order to safeguard their account. Additionally, we have blocked Transfer links to ensure the security of our users’ Transfers,” WeTransfer said in a security notice.