A security incident occurred in the sharing service files WeTransfer, as the company announced, was sending shared files to the wrong people for two days.
The WeTransfer service is widely used worldwide for the transfer of large files, and this incident is considered a major security issue.
As of today, users of the service have started receiving emails from WeTransfer [ 1 , 2 , 3 ] who were informed that on June 16 and 17, the files sent with the WeTransfer service were also delivered to unrelated people. The email says that the team does not know what happened and that they are working to alleviate the situation.
The full text of this message is as follows:
Dear WeTransfer user,
We are writing to inform you of a security incident, to which many have been sent emails of the WeTransfer service to the wrong people. This happened on the 16th and 17th of June. Our team is working tirelessly to fix and contain this situation, as well as find out how it happened.
We understand that a transfer you made or received was also delivered to some people who did not intend to go. Our records show that these files were accessed, but it is almost certain that they were from the intended recipient. However, as a precaution we blocked the connection to prevent further downloads.
As your email address was also included in the transfer message, please be aware of any suspicious or unusual emails you may receive.
We understand how important they are data and we do not take your trust in our service for granted. If you have any questions or concerns, just reply to this email to contact the support team.
The WeTransfer Team
The WeTransfer service posted a security alert on its website, according to which some accounts were disconnected, they reset the codes to protect the accounts and that they blocked access to the transfer links involved in the incident. However, they did not provide further details on how this happened.
Because the whole incident does not seem to be a random programming error, there is a possibility that it is a more serious issue, such as a breach of their network. If you have seen a strange behavior from the service, such as sending emails that do not concern you or difficulty in accessing the service or even if you have received such a notification, please share your experience with a comment at the end of this article.