Substack Data Breach: User Information Leaked by Hacker

Substack Data Breach: User Information Leaked by Hacker

Posted on By CWS

Substack, a prominent digital platform known for facilitating subscription-based publishing, has reported a security breach that resulted in unauthorized access to user data. The breach, which was first detected in February, was traced back to an incident that occurred in October 2025.

Details of the Breach

Substack has informed its users about the security lapse that involved the exposure of email addresses, phone numbers, and internal metadata. However, the company assured that sensitive information like passwords and payment details remained secure. This breach was brought to light after a hacker disclosed user data on an online forum.

The hacker claims to have accessed nearly 700,000 records by scraping the platform, including names, profile pictures, and user biographies. They described the breach as ‘noisy,’ which prompted Substack to implement rapid countermeasures.

Company’s Response to the Incident

Substack’s CEO, Chris Best, has communicated with users, emphasizing that there is no evidence suggesting the misuse of the leaked information. The company has urged users to remain vigilant against potential phishing attempts via suspicious emails or texts.

Despite the breach, Substack reassures users that core financial data has not been compromised, and they remain committed to enhancing their security infrastructure to prevent future incidents.

Impact and Broader Context

The breach at Substack follows a series of similar incidents affecting other companies, highlighting the growing threat of cybercrime in digital services. Such breaches emphasize the need for robust cybersecurity measures to protect user information in an increasingly interconnected world.

As Substack continues to address this issue, users and digital platforms alike are reminded of the critical importance of safeguarding personal data against unauthorized access and potential misuse.

This incident serves as a stark reminder of the vulnerabilities that exist in digital platforms and the continuous efforts required to protect user data from cyber threats.

Security Week News Tags:, , , , , , , , , , , , , ,

Related Posts

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Security Week News
Echo Raises Million in Series A Funding Echo Raises $35 Million in Series A Funding Security Week News
Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed Security Week News
Google Warns UK Retailer Hackers Now Targeting US Google Warns UK Retailer Hackers Now Targeting US Security Week News
Instagram Fixes Password Reset Vulnerability Amid User Data Leak Instagram Fixes Password Reset Vulnerability Amid User Data Leak Security Week News
Helmet Security Emerges From Stealth Mode With Million in Funding Helmet Security Emerges From Stealth Mode With $9 Million in Funding Security Week News