A security incident affecting user data at the popular photo sharing platform Flickr has been confirmed as the result of a compromise of a third-party service integrated into Flickr’s operations, rather than of the company’s core infrastructure.
According to the company, the breach involved an external email service provider and exposed the sensitive data of an undisclosed number of users.
Although Flickr emphasized that the intrusion was detected and contained within hours, the incident illustrates the persistent risks of third-party dependencies in modern cloud and SaaS environments.
Unauthorized access was discovered on February 5 and triggered immediate incident response measures, according to a breach notification circulated to affected users and reviewed by The Register.
Flickr identified a vulnerable endpoint at the external provider as the source of the malicious activity and immediately isolated it to prevent further data exposure or lateral movement. Beyond revoking access pathways and expelling the threat actors, Flickr also notified the relevant regulatory authorities, data protection bodies, and affected customers about the malicious activity.
The company has commissioned a thorough forensic investigation by a third-party provider, and detailed findings will be shared as soon as possible, signaling the company’s commitment to a broader review of vendor security controls and accountability.
The incident disclosure sent to users states that Flickr’s exposure stemmed from a security breach at an external email service provider it uses, not from a compromise of its primary platform.
Among the information that could potentially have been accessed by unauthorized parties were real names, email addresses, IP addresses, and limited account activity information. Flickr declined to identify the third-party provider involved in the incident and did not specify how many users may have been affected, stating only that the investigation continues to determine the scope of the impact.
Since Flickr’s founding in 2004, it has grown into one of the world’s largest communities of photographers, hosting over 28 billion photos and videos, and reporting a monthly active user base of over 35 million users, with over 800 million page views.
In its statement, the company said that immediate containment measures were initiated once the issue was detected. These included revoking access to the affected systems, severing connections to the vulnerable endpoints, and engaging a third-party provider to conduct an extensive forensic examination.
In parallel with these actions, Flickr notified relevant data protection authorities and initiated an internal security assessment intended to strengthen governance and technical controls across third-party integrations.
In its user advisory, Flickr urged customers to be aware of potential phishing attempts that may impersonate official communications in order to exploit this incident.
In its recommendations, the company also advised that customers review their account act
[…]
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents