Overview
- Flickr detected a vulnerability on February 5 in a system run by an external email provider and disabled access to that system within hours.
- The company is notifying users that names, email addresses, usernames, account types, IP addresses, general location, and activity data may have been exposed.
- The affected provider has not been identified and Flickr has not disclosed how many accounts could be impacted.
- Users are urged to review account settings, watch for phishing attempts, and change reused passwords, with Flickr stressing it will never ask for a password by email.
- Flickr says it is investigating and tightening oversight of third-party services; SecurityWeek reports no public claims of stolen data, and Hackread reports regulators have been notified.