Flickr says a third-party e mail vendor flaw could have uncovered person names, emails, IP knowledge, and exercise logs, although passwords and funds stayed safe.
A safety flaw at a third-party e mail service supplier has doubtlessly uncovered the private particulars of Flickr members. On February 5, 2026, the favored photo-sharing platform was alerted to a vulnerability inside a system managed by one in all its exterior distributors. This loophole could have allowed unauthorised people to view particular member knowledge.
Flickr, at present operated by SmugMug, acted rapidly to deal with the problem, disabling entry to the compromised system inside hours of the invention. In your data, this incident follows an identical sample to a latest safety report involving Substack, e-newsletter platform. As reported by Hackread.com, a hacker utilizing the alias ‘w1kkid’ claimed on February 2, 2026, to have extracted over 662,000 person information from Substack, a breach the corporate’s CEO solely confirmed days later.
Particulars of the Knowledge Publicity
Whereas any safety breach is regarding, in Flickr’s case, passwords and monetary data reportedly remained totally safe. The vulnerability didn’t grant entry to encrypted login credentials or fee card numbers. The info presumably in danger included:
- Actual names and registered e mail addresses
- Logs of person exercise on the platform
- IP addresses and normal geographic areas
- Flickr usernames and account sorts (comparable to Professional or Free)
Flickr is a significant participant within the images world, internet hosting over 28 billion photos for its 35 million month-to-month customers. It’s price noting, nonetheless, that the corporate has not but specified the precise variety of accounts impacted by this vendor-related challenge.
The Firm’s Response
Of their official safety discover, Flickr confirmed they’ve already notified the related knowledge safety authorities. To stop future points, they’re at present “strengthening system structure” and rising their oversight of all exterior companions.
“We sincerely apologize for this incident and for the priority it might trigger. We take the privateness and safety of your knowledge extraordinarily severely, and we’re taking rapid motion to stop any comparable points by conducting an intensive investigation, strengthening our system structure, & additional enhancing our monitoring of third-party service suppliers,” Flickr concluded.
What Flickr Advises You to Do
As we all know it, knowledge leaks are regularly used to gas phishing campaigns. To remain protected, the corporate recommends being cautious of any sudden emails mentioning your Flickr account, explicitly stating that:
“We’ll by no means ask to your password by way of e mail.”
Additionally, in the event you use the identical password for Flickr as you do for different web sites, it’s a wise precaution to vary it instantly. Lastly, examine your settings by logging in to your account and reviewing your profile for any unrecognised adjustments.
