- Substack confirms October 2025 breach exposing user emails, phone numbers, and metadata
- CEO Chris Best assured no financial data or credentials were accessed; hole patched and investigation ongoing
- BreachForums thread advertises ~700K stolen records, despite Substack claiming no evidence of abuse so far
Substack has confirmed threat actors broke into its systems and stole user emails and phone numbers.
On social media people are sharing screenshots of a data breach notification letter, sent to affected individuals by Substack CEO Chris Best saying the company found “evidence of a problem with our systems” on February 3. This problem allowed an unidentified and unauthorized third party to “access limited user data without permission, including email addresses, phone numbers, and other internal metadata.”
Best said the breach took place in October 2025, and that credit card information, login credentials, and financial information, were not accessed.
“Noisy” attack
He further stated that the hole the miscreants used to break in was patched, and that a full investigation is under way. Substack is also “taking steps to improve our systems and processes to prevent this type of issue from happening in the future.”
While the platform claims there is no evidence of the data being abused in the wild, BleepingComputer found a new thread on the infamous BreachForums, in which a threat actor advertised a database of almost 700,000 records stolen from the company.
According to the attackers, they scraped the data fast, since the scraping method they used was “noisy and patched fast”.
For those unfamiliar with Substack, it is a newsletter platform with social network elements, boasting some 17 million users at the moment.
Substack is rather popular among writers and journalists who use to send posts directly to subscribers via email and a web page.
It’s popular because it lets creators own their audience and make money through paid memberships, while Substack handles payments, hosting, and distribution. It’s commonly used for journalism, opinion writing, tech analysis, finance, culture, and niche expert content.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/hmvTnyufaSfx7xDwVBqGAX-2300-80.png
Source link
