Flickr says a third-party e-mail vendor flaw could have uncovered consumer names, emails, IP information, and exercise logs, although passwords and funds stayed safe.
A safety flaw at a third-party e-mail service supplier has doubtlessly uncovered the private particulars of Flickr members. On February 5, 2026, the favored photo-sharing platform was alerted to a vulnerability inside a system managed by one in every of its exterior distributors. This loophole could have allowed unauthorised people to view particular member information.
Flickr, at present operated by SmugMug, acted rapidly to deal with the difficulty, disabling entry to the compromised system inside hours of the invention. In your info, this incident follows the same sample to a current safety report involving Substack, e-newsletter platform. As reported by Hackread.com, a hacker utilizing the alias ‘w1kkid’ claimed on February 2, 2026, to have extracted over 662,000 consumer information from Substack, a breach the corporate’s CEO solely confirmed days later.
Particulars of the Information Publicity
Whereas any safety breach is regarding, in Flickr’s case, passwords and monetary info reportedly remained completely safe. The vulnerability didn’t grant entry to encrypted login credentials or fee card numbers. The info probably in danger included:
- Actual names and registered e-mail addresses
- Logs of consumer exercise on the platform
- IP addresses and basic geographic areas
- Flickr usernames and account sorts (akin to Professional or Free)
Flickr is a significant participant within the pictures world, internet hosting over 28 billion photographs for its 35 million month-to-month customers. It’s value noting, nevertheless, that the corporate has not but specified the precise variety of accounts impacted by this vendor-related difficulty.
The Firm’s Response
Of their official safety discover, Flickr confirmed they’ve already notified the related information safety authorities. To stop future points, they’re at present “strengthening system structure” and growing their oversight of all outdoors companions.
“We sincerely apologize for this incident and for the priority it could trigger. We take the privateness and safety of your information extraordinarily critically, and we’re taking speedy motion to stop any related points by conducting a radical investigation, strengthening our system structure, & additional enhancing our monitoring of third-party service suppliers,” Flickr concluded.
What Flickr Advises You to Do
As we all know it, information leaks are regularly used to gas phishing campaigns. To remain secure, the corporate recommends being cautious of any surprising emails mentioning your Flickr account, explicitly stating that:
“We’ll by no means ask on your password by way of e-mail.”
Additionally, should you use the identical password for Flickr as you do for different web sites, it’s a smart precaution to alter it instantly. Lastly, verify your settings by logging in to your account and reviewing your profile for any unrecognised adjustments.
