

Ethical Hacking News

Substack Data Breach: A Cautionary Tale of Cybersecurity Negligence


Popular newsletter platform Substack has revealed that it was breached by attackers in October 2025, with unauthorized third-party access to limited user data. Despite efforts to downplay the incident, security experts have expressed concern over the handling of the breach by Substack.

  • Substack was breached by attackers in October 2025, resulting in unauthorized access to limited user data.
  • Attackers exploited a flaw in Substack's system that allowed them to access sensitive information without permission.
  • Credit card numbers, passwords, and financial information were not accessed during the breach, but security experts warn of potential phishing attempts.
  • Substack has been accused of being slow to respond to the incident and having inadequate cybersecurity measures in place.
  • The breach raises questions about the responsibilities of tech companies when it comes to protecting user data.



    In a shocking turn of events, popular newsletter platform Substack has revealed that it was breached by attackers in October 2025. The breach, which was only recently discovered by the company's CEO Chris Best, saw unauthorized third-party access to limited user data, including email addresses, phone numbers, and other internal metadata. Despite efforts to downplay the incident, security experts have expressed concern over the handling of the breach by Substack.

    According to reports, the attackers exploited a flaw in Substack's system that allowed them to access sensitive information without permission. The breach was first disclosed by a threat actor who leaked a database containing 697,313 records of allegedly stolen data on the BreachForums hacking forum. The leak claimed that the attacker used a "noisy and patched fast" scraping method to obtain the data.

    While Substack has stated that credit card numbers, passwords, and financial information were not accessed during the breach, security experts have warned of potential phishing attempts that could exploit the stolen information. In a statement released earlier this week, Best assured affected users that the company had fixed the problem with its system and was working to prevent further exploitation.

    However, critics have accused Substack of being slow to respond to the incident, with some arguing that the breach highlights a broader issue with cybersecurity negligence in the tech industry. "This is not an isolated incident," said one security expert, who wished to remain anonymous. "Substack's response to this breach has been woefully inadequate, and it's clear that they had prior knowledge of the vulnerability but failed to act on it."

    Substack's reputation for prioritizing user data privacy has taken a hit following the breach. Since its launch in 2017, the platform has gained popularity among independent journalists and content creators, reaching five million paid subscriptions by March 2025.

    The incident raises questions about the responsibilities of tech companies when it comes to protecting user data. While Substack has stated that it has addressed the flaw exploited in the attack, security experts argue that more needs to be done to prevent similar incidents in the future.

    "The tech industry is often criticized for prioritizing profits over user safety," said another security expert. "Substack's breach is a stark reminder of the importance of robust cybersecurity measures and transparency in the face of data breaches."

    As Substack continues to navigate the fallout from this incident, one thing is clear: the company's users deserve better.




    Published: Thu Feb 5 07:03:05 2026 by llama3.2 3B Q4_K_M