- Substack confirms October 2025 breach exposing user emails, phone numbers and metadata
- CEO Chris Best assured that no financial data or identifying information was accessed; hole repaired and investigation underway
- BreachForums thread claims around 700,000 records stolen, although Substack claims no evidence of abuse so far
Substack has confirmed that malicious actors have broken into its systems and stolen users’ emails and phone numbers.
On social media, people are sharing screenshots of a data breach notification letter, sent to affected individuals by Substack CEO Chris Best, claiming the company found “evidence of an issue with our systems” on February 3. This issue allowed an unidentified and unauthorized third party “to gain unauthorized access to limited user data, including email addresses, phone numbers, and other internal metadata.”
Best said the breach occurred in October 2025 and credit card information, login credentials and financial information were not accessed.
“Noisy” attack
He further said that the hole that the miscreants used to break into had been repaired and a thorough investigation was underway. Substack is also “taking steps to improve our systems and processes to prevent this type of issue from occurring in the future.”
Although the platform claims that there is no evidence of data abuse in nature, BeepComputer found a new thread on the infamous BreachForums, in which a malicious actor announced a database of nearly 700,000 records stolen from the company.
According to the attackers, they recovered the data quickly because the scraping method they used was “noisy and fixed quickly.”
For those unfamiliar with Substack, it is a newsletter platform with social media elements, which currently has some 17 million users.
Substack is quite popular among writers and journalists who send articles directly to subscribers via email and web page.
It is popular because it allows creators to own their audience and earn money through paid subscriptions, while Substack handles payments, hosting, and distribution. It is commonly used for journalism, opinion writing, technology analysis, finance, culture, and specialized niche content.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
