Skip to main content

WeTransfer suffered a security incident last week

WeTransfer
Image credit: WeTransfer
(Image credit: WeTransfer)

The file sharing service WeTransfer has revealed that it was affected by a security incident in which it shared files with the wrong people for two days last week.

Unlike other services that limit the size of the files you can send, WeTransfer has made a name for itself by allowing free users to send up to 2GB of files while paid users can send up to 20GB of files at a time. WeTransfer Plus users are also able to add passwords to their files for greater security.

The company began to inform users today via email that on June 16 and 17, files sent using its service were delivered to users who were not the intended recipients. According to these emails, WeTransfer is unsure as to what caused the security incident but its team is looking into the matter to find out more.

Security incident

In addition to sending out emails to affected users, WeTransfer also posted a security notice on its website in which the company explained that some accounts were logged out and others had their passwords reset for additional protection. The company also blocked access to all of the Transfer links that were involved in the incident.

WeTransfer reassured users that it would find and share answers with them soon, saying:

“We understand how important our users' data is and never take their trust in our service for granted. We are still investigating the complete scope and cause of the incident, and will update further as soon as possible.”

The full scope of the incident won't be revealed until we know more but since private and potentially sensitive files are often shared using WeTransfer, this could end up being a big privacy issue for affected users.

Via Bleeping Computer