Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Substack says intruder lifted emails, phone numbers

Substack disclosed that about 700,000 user email addresses and phone numbers were exposed in a breach detected four months after the October 2025 attack.

  • On February 3, 2026, Substack said it discovered evidence of a system compromise and emailed affected users this week, with CEO Chris Best confirming the breach exposed emails, phone numbers, and metadata in October 2025.
  • Substack says an unauthorized third party exploited a flaw in October, with detection delayed for four months; it has since patched the flaw and launched an internal investigation.
  • A dataset of 697,313 alleged records surfaced on BreachForums, with BleepingComputer and other security outlets reporting it includes names, emails, and phone numbers, though Substack has not tied it definitively to its October breach.
  • Substack says it has found no evidence of misuse but warns users to watch for phishing and says affected account holders will be contacted directly by Substack via email.
  • Substack's scale—more than 50 million active subscriptions—raises stakes for exposed data, following its July 2020 accidental email exposure, while key questions about scope and detection remain.
Insights by Ground AI

21 Articles

Tech RadarTech Radar
Center

Substack data breach confirmed: user phone numbers email addresses all stolen in attack, here's what we know

Popular creator platform Substack breached in October 2025, but hasn't noticed until months later.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

Substack says intruder lifted emails, phone numbers

: Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says

Read Full Article
EngadgetEngadget
Lean Left

Substack CEO informs users of a data breach

The newsletter platform only just became aware of the hack, which happened more than three months ago.

·United States
Read Full Article
TechCrunchTechCrunch
Center

Substack confirms data breach affects users' email addresses and phone numbers

Substack said that customer data was accessed in October 2025, but wasn't discovered until early February.

·United States
Read Full Article
PC MagPC Mag
Lean Left

Substack Newsletter Platform Data Breach Saw Phone Numbers, Emails Exposed

If you’re impacted by the security incident, you’ll hear directly from the brand with an email from Substack's CEO.

·United States
Read Full Article
The VergeThe Verge
Lean Left

Substack data breach exposed users’ emails and phone numbers

Substack is notifying some users that the email addresses and phone numbers linked to their accounts were exposed in a "security incident" last year. In an email to account holders, Substack CEO Chris Best said that a hacker had accessed internal data without authorization in October 2025, but that passwords, credit card numbers, and other financial information remain secure. "On February 3rd, we identified evidence of a problem with our systems…

·United States
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 57% of the sources are Center
57% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

downthetubes.net broke the news in on Thursday, February 5, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Substack icon

Substack

Technology icon

Technology

Cyber Security icon

Cyber Security

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal