1 min read

Yikes! WeTransfer sends users" files to the wrong people, says it doesn"t know what happened

Filip TRUȚĂ

June 24, 2019

Yikes! WeTransfer sends users" files to the wrong people, says it doesn"t know what happened

In the most embarrassing security incident so far in 2019, file sharing service WeTransfer has sent users” files to the wrong inboxes for at least a full day last week. Worse still, the company says it can”t figure out what happened.

WeTransfer customers who used the service to share files between June 16 and June 17 have received the following notice from the company via email:

“We are writing to let you know about a security incident in which a number of WeTransfer service emails were sent to the wrong people. This happened on June 16th and 17th. Our team has been working tirelessly to correct and contain this situation and find out how it happened.

“We have learned that a transfer you sent or received was also delivered to some people it was not meant to go to. Our records show those files have been accessed, but almost certainly by the intended recipient. Nevertheless, as a precaution we blocked the link to prevent further downloads.”

Since WeTransfer also includes the email of the sender with the delivery of a file, customers are told to keep a close eye on their inboxes for suspicious activity.

In a separate advisory, WeTransfer says some users will notice they have been logged out of their account, or have been asked to reset their password. This was done on purpose, according to the notice, to “safeguard their account.” The Transfer links involved in the incident were also blocked to prevent files being downloaded by the wrong recipients.

The company failed to reveal the cause of the incident, saying only that, “We are still investigating the complete scope and cause of the incident, and will update further as soon as possible.”

The incident may have been caused by a programming bug, but WeTransfer may also have fallen victim to a cyber attack. We have contacted the company for clarification and we”ll update you when (if) we get a response.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Google Drops All Support for Android 2.3.7 and Older Google Drops All Support for Android 2.3.7 and Older
Silviu STAHIE

August 04, 2021

1 min read
A Heads-Up on Stalkerware, the Wolf Software in Sheep’s Clothing A Heads-Up on Stalkerware, the Wolf Software in Sheep’s Clothing
Silviu STAHIE

August 03, 2021

4 min read
NSA Releases Guidance on Securing Wireless Devices While in Public NSA Releases Guidance on Securing Wireless Devices While in Public
Filip TRUȚĂ

August 03, 2021

2 min read