How do you feel about a file sharing service sending your files to the wrong person? Sounds frustrating, doesn’t it?
WeTransfer Security Incident: What Happened?
In fact, this is not a hypothetical situation. Apparently, the popular WeTransfer service has been sending users’ files to the wrong places for at least one full day. Moreover, the reason for this hasn’t been specific, as the company was unable to figure out what went wrong.
We discovered a security incident on Monday, June 17th, where e-mails supporting our services were sent to unintended e-mail addresses. We are currently informing potentially affected users and have informed the relevant authorities, the official notice said.
WeTransfer says that the incident was quickly isolated and “precautionary security measures” were taken to protect their users. As part of these security measures, users might have been logged out of their accounts and Transfer links might have been blocked as well.
In an email sent out to users, the company says that “a transfer you sent or received was also delivered to some people it was not meant to go to. Our records show those files have been accessed, but almost certainly by the intended recipient. Nevertheless, as a precaution we blocked the link to prevent further downloads.”
The cause of the unpleasant and potentially dangerous incident has not been revealed yet, as the investigation is still ongoing. One scenario may be that the incident was triggered by a programming bug but a cyberattack is also possible.
“We are still investigating the complete scope and cause of the incident, and will update further as soon as possible,” WeTransfer wrote.