WeTransfer, the popular online service for sharing large files easily without having to worry about gobbling up email inbox quotas, has suffered what the company is calling a “security incident.”
According to an advisory emailed to affected users, and confirmed on the WeTransfer website, the service sent emails containing file transfer links to unintended email addresses on June 16 and 17.
As a consequence, unauthorised parties could have accessed private files you were attempting to transfer to a trusted party.
WeTransfer notified users via email.
We discovered a security incident on Monday, June 17th, where e-mails supporting our services were sent to unintended e-mail addresses. We are currently informing potentially affected users and have informed the relevant authorities.
This incident took place on June 16th and 17th, and upon discovery, we immediately took precautionary security measures to protect our users. This means that users might have been logged out of their account or asked to reset their password in order to safeguard their account. Additionally, we have blocked Transfer links to ensure the security of our users’ Transfers.
Unfortunately, WeTransfer’s brief statement leaves plenty of questions hanging in the air:
How many users were affected? How many email transfer links were sent to unauthorised parties?
How many email addresses were the errant file transfer link messages sent to?
Were the unauthorised email recipients seemingly random? Other users of WeTransfer? Or was it just a small number of email addresses that received all the messages?
Was this a screw-up or the result of a malicious act?
If it is believed it was malicious – have the a ..
Support the originator by clicking the read the rest link below.
