WeTransfer Incident Shares Transferred Files with Unintended Users -- Security Today

WeTransfer Incident Shares Transferred Files with Unintended Users

WeTransfer files were transferred to unintended users on June 16 and 17. The scope of the incident is not clear, but the company promptly logged out affected accounts and disabled the transfer links.

By Kaitlyn DeHaven
Jun 26, 2019

WeTransfer posted a security notice on June 21 informing users of a security incident they had discovered on Monday, June 17. In the incident, WeTransfer emails including file transfer links were sent to unintended e-mail addresses for two days – June 16 and 17.

After the company discovered the security incident, they logged the users out of their accounts and deactivated the links, making the files inaccessible. For some users, they reset their passwords. Then, they sent out emails to the affected users and posted the security notice on their website. WeTransfer has stated they do not know what caused the security incident.

There is a way to password-protect your transferred files on WeTransfer, ensuring that the end user is also the intended user, but it is not available on the free version of WeTransfer.

Jamie Brown, an affected user who received a notice from WeTransfer informing him that his files had been sent to unintended users, told Naked Security the files he was transferring were not overly confidential, but others may not have been so lucky.

“Thankfully we mostly use WeTransfer for sending and receiving brand photos for use on Chicmi.com – so they’re mostly heading into the public domain anyway, and the worst that might happen is an embargo being broken for an upcoming event,” Brown said. “However, I’m sure others are not so relaxed about it, bearing in mind the way the service is used.”

WeTransfer stated that they would let their users know as soon as they had an update on the cause of the situation, but that the scope of the incident will not be revealed until they have more information.

“We understand how important our users’ data is and never take their trust in our service for granted,” WeTransfer said in a statement. “We are still investigating the complete scope and cause of the incident, and will update further as soon as possible.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Elite Interactive Expands Team to Target Innovation and Strategic Growth
10/21/2025
Alan Gillmore, IV Assumes Presidency of The Monitoring Association
10/21/2025
SIA Women in Security Forum Launches Sixth Annual CAN DO Challenge to Combat Food Insecurity
10/20/2025
Securitas Technology Releases 2026 Global Technology Outlook Report
10/15/2025
HID Signs Agreement to Acquire IDmelon, Expand Passwordless Authentication Capabilities
10/15/2025
Convergint Opens New U.S. Headquarters
10/13/2025
ONVIF to End Support for Profile S, Recommends Profile T as Replacement
10/09/2025
Totem Achieves Immix Central Station Certification Status
10/09/2025

Featured

Identity Governance at the Crossroads of Complexity and Scale

Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now
- Cybersecurity
Eagle Eye Networks Launches AI Camera Gun Detection

Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now
- Active Shooter
Report: AI is Supercharging Old-School Cybercriminal Tactics

AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now
- Cybersecurity
Pragmatism, Productivity, and the Push for Accountability in 2025-2026

Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now
- Access Control
- Artificial Intelligence
Report: Cyber Attackers Continue to Turn to AI-Based Tools to Avoid Detection

Comcast Business recently released its 2025 Cybersecurity Threat Report, a comprehensive analysis of 34.6 billion cybersecurity events detected between June 1,2024 and May 31, 2025. Now in its third year, the report offers business leaders a unique perspective into the evolving threat landscape and provides actionable insights to help organizations strengthen their defenses and align cybersecurity with business risk. Read Now
- Artificial Intelligence
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.