Update Security Notice - June 26
Last Friday, we informed our users about the security incident we discovered on June 17th. The incident took place across June 16th and 17th. With this update we would like to share the findings of our investigation.
Our support team first noticed unusual activity after seeing mail delivery problems to some of our users. Upon discovery, we logged out all WeTransfer Plus users as a precaution, reset the passwords of those that could potentially have been affected in the time frame of the incident, and blocked Transfer links to ensure the security of our users' content. Additionally, we hired an external security firm to assist with the investigation.
Our investigation shows that around 232.000 people - 2.5 percent of our users on June 16th and 17th - have been affected. These users have been informed about their specific situation. We believe that the vast majority have had their email addresses shared with no compromise of their Transfer data. We have reached out personally to users where our investigations have shown someone's transfer may have been viewed or downloaded, and we continue to follow up with them.
From our investigations we can currently conclude that the incident, which has since been resolved, was caused by a hacker adding recipients to our service emails. This resulted in our service emails being co-delivered to unintended email addresses. We have informed the data protection authorities and are working with the security firm and law enforcement on further investigating the incident.
We understand how important the data of our users is and never take their trust in our service for granted. We continue to work hard to make sure we keep our users’ data safe.
WeTransfer makes tools to move ideas. Founded in 2009 in Amsterdam as a simple, well-designed file sharing service for the creative community, WeTransfer has grown to include tools that scale across the creative spectrum, including editorial platform WePresent (with 2M monthly readers), mobile app 'Collect by WeTransfer' (with 4M monthly users), quick slide-making tool Paste® (with 40,000 active teams), immersive sketching tool Paper® (with more than 25M downloads), and the original web platform with 50M monthly users and over a billion files sent each month.
From the beginning, WeTransfer has prioritized bringing “offline” values - trust, transparency, and ethics - online. This means having a responsible data policy and tools that don’t distract people from their creative flow. WeTransfer has pioneered a new means of online advertising, resulting in the platform’s full-page wallpapers, designed by our award-winning in-house creative studio. Advertisers include industry-leading brands like Apple, Saint Laurent, Google, Balenciaga, Samsung, Netflix, Adidas, and Squarespace.
Since its founding, WeTransfer has proudly supported the creative communities and given up to 30% of advertising space to support the arts, donating over 5 billion impressions in 2017. Through our ongoing advertising grant program and content platform, WePresent, we have partnered with hundreds of groundbreaking artists and organizations, including Björk, King Krule, FKA twigs, Ryan McGinley, Ami Vitale, the Nelson Mandela Foundation, the UN Development Program, the World Wildlife Foundation and the Prince Estate. In 2016, WeTransfer launched the world’s first free Masters of the Arts in design thinking with the University of the Underground and Worldwide FM, the global radio station run by legendary BBC DJ Gilles Peterson.
Following a $25 million investment from Highland Europe in 2015, WeTransfer opened a US office in Venice Beach, Los Angeles, to add to the Amsterdam headquarters. In 2018, WeTransfer acquired popular creative apps Paper® and Paste® and expanded its US presence to Seattle and New York City.