Flickr bug made private images public for nearly 20 days

It seems like it is the season of security lapses and breaches. The newest site added to the list of ones that have faced security issues in the past few weeks is Flickr. The photo-sharing website was hit by a bug that made certain private photos public in the past couple of weeks.

The bug caused a number of photos that had privacy settings turned on to be visible on Flickr between January 18 and February 7. Flickr told users that these unknown number of images were not included in Flickr’s search engines or others but if someone was to browse an affected user’s stream, private photos would be visible to him.

Flickr’s Vice President Brett Wayn sent out messages to affected users informing them about this lapse. He said that the software bug was discovered during routine site maintenance. “Only a small number of Flickr users were impacted, and we are in the process of directly contacting those individuals. This is not a widespread nor an ongoing issue -- the software bug has been identified and fixed,” wrote Wayne in a help thread on Flickr’s forum.

Private images exposed

Flickr is known to be a very quiet site that respects user privacy and has not let breaches like these occur in the past. Considering this fact, it is pretty appalling that this bug went unresolved for almost 20 days.

The bug made another problem area in Flickr apparent. There is a huge trove of images on Flckr that are not appropriate for all users, especially those involving a lot of skin show and it sparked a debate about privacy of such images. As private photos became public, certain users started to worry about their explicit images and videos becoming public. A user, kathynails1 who received a mail informing her that some of her photos were affected wrote, “I had a few naughty photos and they are for friends only.”

Most annoyed by this were Flickr Pro users, people who had paid for additional features on their Flickr accounts. Flickr set ‘any potential impacted photos’ to private in order to ensure user privacy post this issue, causing additional problems to users who had to go through their stream to set images back to public. Also setting an image to private apparently causes its description to be deleted and breaks the code anywhere else the photo may be embedded, thereby causing a lot of trauma to professionals who used Flickr to host images for their websites.

A Yahoo! spokesperson confirmed that the breach caused during routine maintenance was ‘very, very small’ because of which the website was contacting users personally instead of posting a generic update. "We're deeply sorry this happened and that we're working with affected users directly to fix the issue," she said.

Flickr has reinvented itself completely in the recent past to keep up with the trend of ‘social photography’ before this setback. In an attempt to compete with the likes of Instagram, Flickr made changes to its iOS app in December including photo filters amongst other features like better social connect to it.