WeTransfer Incident Shares Transferred Files with Unintended Users

WeTransfer Incident Shares Transferred Files with Unintended Users

WeTransfer files were transferred to unintended users on June 16 and 17. The scope of the incident is not clear, but the company promptly logged out affected accounts and disabled the transfer links.

  • By Kaitlyn DeHaven
  • Jun 26, 2019

WeTransfer posted a security notice on June 21 informing users of a security incident they had discovered on Monday, June 17. In the incident, WeTransfer emails including file transfer links were sent to unintended e-mail addresses for two days – June 16 and 17.

After the company discovered the security incident, they logged the users out of their accounts and deactivated the links, making the files inaccessible. For some users, they reset their passwords. Then, they sent out emails to the affected users and posted the security notice on their website. WeTransfer has stated they do not know what caused the security incident.

There is a way to password-protect your transferred files on WeTransfer, ensuring that the end user is also the intended user, but it is not available on the free version of WeTransfer.

Jamie Brown, an affected user who received a notice from WeTransfer informing him that his files had been sent to unintended users, told Naked Security the files he was transferring were not overly confidential, but others may not have been so lucky.

“Thankfully we mostly use WeTransfer for sending and receiving brand photos for use on Chicmi.com – so they’re mostly heading into the public domain anyway, and the worst that might happen is an embargo being broken for an upcoming event,” Brown said. “However, I’m sure others are not so relaxed about it, bearing in mind the way the service is used.”

WeTransfer stated that they would let their users know as soon as they had an update on the cause of the situation, but that the scope of the incident will not be revealed until they have more information.

“We understand how important our users’ data is and never take their trust in our service for granted,” WeTransfer said in a statement. “We are still investigating the complete scope and cause of the incident, and will update further as soon as possible.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • 5 Tips to Improve Your Password Security

    Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now

  • Enhancing Port Security

    DP World Yarimca, one of the largest container terminals of the Gulf of İzmit and Turkey, is a strong proponent of using industry-leading technology to deliver unrivaled value to its customers and partners. As the port is growing, DP World Yarimca needs to continue to provide uninterrupted operations and a high level of security.To address these challenges, DP World Yarimca has embraced innovative technological products, including FLIR's comprehensive portfolio of security monitoring solutions. Read Now

  • Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

    In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now

  • Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

    Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now

Most   Popular

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.