CyberInsider

Reliable cybersecurity news and resources

General

Latest News

About

CyberInsider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Flickr suffers data breach exposing user emails and location data

By Leave a Comment
LinkedInReddit

Flickr has begun sending data breach notifications to users after a third-party email service provider suffered a security incident that may have exposed personal user information.

While affected users are now receiving alert emails, Flickr has yet to make any public statements or acknowledge the breach on official channels.

According to the notification email seen by multiple users and shared across Reddit and Facebook, the incident was discovered on February 5, 2026. A vulnerability in a system operated by an unnamed third-party email service provider may have enabled unauthorized access to sensitive user metadata. The exposed data includes:

  • Names
  • Email addresses
  • Account types
  • IP addresses
  • Approximate location data
  • Flickr usernames
  • User activity on the platform

Flickr’s notice emphasizes that no passwords or payment card details were compromised.

The notification outlines that access to the vulnerable system was shut down within hours of detection. Flickr also claims to have contacted the third-party provider to demand a full investigation, notified relevant data protection authorities, and begun reinforcing its own third-party security practices.

CMcalgary | Facebook

Founded in 2004 and currently owned by photo-sharing company SmugMug, Flickr is a longstanding platform that hosts billions of images and caters to a wide range of photographers, from casual users to professionals. While its prominence has declined in recent years, Flickr still maintains a sizable user base, including paid “Pro” subscribers. The platform’s role as a data-rich archive of geotagged and timestamped media means that even seemingly minor leaks can have outsized privacy implications.

The breach notifications warn users to be on alert for phishing attempts referencing their Flickr accounts, advising caution with any unexpected emails and reaffirming that Flickr will never request passwords via email. The company also urges users who reuse their Flickr credentials across other services to consider changing those passwords.

Despite the direct user outreach, Flickr has not published any official blog posts, press releases, or social media updates about the breach at the time of writing. The company did not respond to our requests for comment.

If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.

LinkedInReddit

More from CyberInsider

About Amar Ćemanović

Amar Ćemanović is an experienced editor and trained engineer with a keen eye for detail and a passion for technology. 
Based in Bosnia, Amar specializes in producing high-quality, engaging content. He holds a Master’s degree in engineering, which helps him maintain a meticulous approach to all editorial work. Amar brings a well-rounded knowledge base, covering everything from tech solutions to privacy tools.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Share to...
BlueskyBufferCopyFlipboardHacker NewsLineLinkedInMastodonMessengerMixNextdoorPinterestPrintRedditSMSTelegramThreadsTumblrVKWhatsAppXingYummly