Flickr data exposure linked to third-party vendor flaw

As reported by HackRead, Flickr has announced a data exposure incident potentially affecting its users. The popular photo-sharing platform was alerted on February 5, 2026, to a vulnerability within a system managed by an external email service provider. This security lapse may have allowed unauthorized access to certain user information.

The exposure, which did not compromise passwords or payment details, could have leaked user names, email addresses, IP data, and activity logs. Flickr, operated by SmugMug, acted swiftly to disable access to the compromised system within hours of discovery. This incident bears resemblance to a recent breach involving the newsletter platform Substack, where over 662,000 user records were reportedly exfiltrated. Flickr has confirmed it is notifying relevant data protection authorities and is strengthening its system architecture and oversight of third-party partners to prevent future occurrences.

Source: HackRead