Quantum key distribution (QKD) promises information theoretic secure key as long as the device performs as assumed in the theoretical model. One of the assumptions is an absence of information leakage about individual photon detection outcomes of the receiver unit. Here we investigate the information leakage from a QKD receiver due to photon emission caused by detection events in single-photon detectors (backflash). We test commercial silicon avalanche photodiodes and a photomultiplier tube, and find that the former emit backflashes. We study the spectral, timing and polarization characteristics of these backflash photons. We experimentally demonstrate on a free-space QKD receiver that an eavesdropper can distinguish which detector has clicked inside it, and thus acquire secret information. A set of countermeasures both in theory and on the physical devices are discussed.