Photo-sharing community platform Flickr is notifying users of a data security incident that exposed their personal information.
The popular online platform for image and video hosting, sharing, and management is telling users that the incident involves a third-party email service provider.
“On February 5, 2026, we were alerted to a vulnerability in a system operated by one of our email service providers,” Flickr said. “This flaw may have allowed unauthorized access to some Flickr member information. We shut down access to the affected system within hours of learning about it.”
The impacted service provider has not been named.
Exposed information includes names, email addresses, usernames, account types, IP addresses, general location, and Flickr activity data.
The company pointed out that passwords and payment card numbers were not affected.
Flickr’s notification states that certain user data may have been exposed, but it does not indicate that hackers actually accessed or stole the information; it only notes that unauthorized access could have occurred.
Nevertheless, the company urged users to be cautious of Flickr-themed phishing emails.
SecurityWeek has not seen any threat actor — ransomware group or other cybercrime actor — publicly claiming to have stolen Flickr data.
Related: Substack Discloses Security Incident After Hacker Leaks Data
Related: Hackers Leak 5.1 Million Panera Bread Records
Related: Crunchbase Confirms Data Breach After Hacking Claims
