Skip to content

Information Security News

  • Home
  • Cyber Security
  • Cybercriminals
  • Data Leak
  • Google
    • Android
  • Information Security
  • Linux
  • Malware
  • Microsoft
    • Windows
  • Open Source Tool
  • Vulnerability
  • Technology

Information Security News

  • Home
  • Cyber Security
  • Cybercriminals
  • Data Leak
  • Google
    • Android
  • Information Security
  • Linux
  • Malware
  • Microsoft
    • Windows
  • Open Source Tool
  • Vulnerability
  • Technology
  • Data Leak

Lens on Liability: Flickr Warns 35 Million Users of Data Exposure via Third-Party Email Leak

by Nam Phong · February 10, 2026

The ubiquitous photo-hosting platform Flickr has disseminated notifications to its clientele regarding a potential data breach precipitated by a security failure at a third-party electronic correspondence provider. The anomaly was identified in early February, and the corporation asserts that access to the compromised system was terminated within a mere matter of hours.

According to the formal communique, Flickr received an alert on February 5, 2026, concerning a vulnerability within the infrastructure of a contractor responsible for automated email dispatches. Due to this technical oversight, adversaries could theoretically have gained unauthorized access to a segment of Flickr’s user data. Upon receiving the warning, the organization immediately neutralized the problematic node and severed all connections to the vulnerable gateway.

Flickr emphasizes that sensitive credentials, such as passwords and financial information, remain uncompromised. However, the data potentially at risk includes usernames, email addresses, account monikers and types, IP addresses, approximate geographical coordinates, and internal service activity logs. The precise magnitude of the affected records has not been publicly disclosed.

The corporation has formally engaged the service provider, demanding a comprehensive forensic investigation. Concurrently, Flickr has initiated an internal audit and is instituting more rigorous protocols for third-party vendor management. Data protection regulatory authorities across various jurisdictions have already been apprised of the incident.

Users are urged to exercise heightened vigilance regarding missives purportedly originating from Flickr and to refrain from engaging with suspicious links. The service reiterates that it shall never solicit passwords via email. Account holders are advised to review their profile configurations and to update their passwords, particularly if the same credentials are utilized across disparate platforms.

In its address to the community, the Flickr team expressed profound regret for the potential distress caused and affirmed that they are fortifying their security architecture and oversight of external dependencies to mitigate the risk of future recurrences. A dedicated support line has been established through the official help center to address user inquiries.

Related coverage

  • FortiBleed Firewall Attack Exposes UK Government Data
  • Libya Central Bank Breach Leaks Internal Data
  • Temu Data Leak Claim: 310M Records for Sale
  • NAIC PeopleSoft Cyberattack: ShinyHunters Claims Massive Breach
  • Klue Supply Chain Breach Compromises LastPass Data

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Tags: account securitycybersecurity news 2026data breachdata privacyemail service providerflickrGDPRphishing alertPII exposureSmugMugthird-party risk

Follow:

  • Next story Root via DDNS: The Multi-Stage Exploit Dissecting the TP-Link Omada ER605
  • Previous story Shadows in the Server: How the Warlock Group Weaponized a “Forgotten” VM to Breach SmarterTools

  • Recent Posts
  • Popular Posts
  • Tags
  • GhostCommit AI vulnerability diagram illustrating prompt injection against AI coding assistants

    Vulnerability

    The GhostCommit Vulnerability: AI Assistants Weaponized via Images

    July 14, 2026

  • Critical Joomla extension vulnerabilities diagram, iCagenda and Balbooa Forms exploit overview

    Malware

    Critical Joomla Extension Vulnerabilities Actively Exploited

    July 14, 2026

  • Debian 13.6 point release updates with UEFI Secure Boot and Linux kernel patches

    Linux

    Debian 13.6 Released: Crucial Security and UEFI Fixes

    July 14, 2026

  • Interpol Operation First Light 2026 global fraud bust 5811 arrests 293 million dollars seized

    Cybercriminals

    Operation First Light 2026: 5,811 Arrested in Global Fraud Bust

    July 13, 2026

  • Ransomware negotiator Angelo Martino sentenced 70 months for betraying clients to BlackCat ALPHV

    Malware

    Ransomware Negotiator Sentenced for Betraying Clients to BlackCat

    July 13, 2026

  • Apache Camel vulnerabilities enabling server-side request forgery and authentication bypass in JMS and WebSocket connectors

    Vulnerability

    Apache Camel Patches Five High-Severity Vulnerabilities

    July 9, 2026

  • OpenSUSE Leap 15.4 Beta releases, Linux distributions

    Linux

    OpenSUSE Leap 15.4 Beta releases, Linux distributions

    May 30, 2020

  • Ubuntu 16.04.6 LTS released: fix security vulnerabilities

    Linux

    Ubuntu 16.04.6 LTS released: fix security vulnerabilities

    March 1, 2019

  • GhostBSD 23.10.1 released, FreeBSD distribution

    Linux

    GhostBSD 23.10.1 released, FreeBSD distribution

    May 1, 2020

  • Solus 4.4 Fortitude releases, Linux distribution

    Linux

    Solus 4.4 Fortitude releases, Linux distribution

    January 26, 2020

  • AI AI security Android Apple APT BOTNET China CISA cloud security cryptocurrency cyberattack cybercrime Cyber Espionage cybersecurity Cybersecurity 2026 data breach Github google hacking Infosec InfoSec 2026 Infostealer Linux Linux Kernel malware Microsoft network security open source Penetration Testing phishing privacy privilege escalation Prompt Injection ransomware RCE remote code execution security Social Engineering supply chain attack Tech News 2026 threat intelligence vulnerability windows Windows 11 zero-day
  • Home
  • About Us
  • Contact Us
  • DMCA NOTICE
  • Privacy Policy

Information Security News © 2026. All Rights Reserved.

Powered by  - Designed with Hueman Pro