Ethical Hacking News
Substack reveals months-old security breach exposing user contact details, prompting a warning to affected writers and readers about unauthorized access to their email addresses and account metadata.
Substack recently disclosed a months-old security breach that exposed user contact details without permission. The breach occurred in October 2025 and affected approximately 700,000 users, with email addresses, phone numbers, and internal account metadata being compromised. However, passwords, credit card numbers, and financial data were not touched during the breach. The incident was undetected for months before Substack reported it on February 3, 2026, with a post on a cybercrime forum later surfacing alleged user records. Substack has patched the vulnerability that allowed access and launched an internal investigation into the matter. The breach highlights the importance of maintaining robust security measures in the digital age and prioritizing user trust.
Substack, a popular newsletter platform, has recently disclosed a months-old security breach that exposed user contact details without permission. In an email to affected users, CEO Chris Best acknowledged the lapse in security and expressed apologies for the incident.
According to Best's message, the unauthorized third-party accessed limited user data during October 2025. The exposed information includes email addresses, phone numbers, and internal account metadata. However, it is worth noting that Substack maintains that passwords, credit card numbers, and financial data were not touched in this breach.
The incident was not detected until February 3, when Substack reported that it had uncovered evidence of its systems being compromised. A post on a cybercrime forum later surfaced, advertising nearly 700,000 alleged user records, including names, email addresses, phone numbers, user IDs, and profile images. It is still unclear whether this dataset is connected to the breach acknowledged by Substack.
Substack's confirmation comes after an investigation into the circumstances surrounding the October intrusion revealed that it had gone undetected for months. The company has since patched the vulnerability that allowed access and launched a full internal investigation into the matter.
The breach could prove particularly damaging for Substack, whose business depends on trust between writers and subscribers. Mailing lists are at the core of this model, and if compromised, they could provide scammers with a ready-made catalogue of highly engaged readers.
In an effort to mitigate any potential damage from the breach, Substack has urged users to remain vigilant for suspicious emails or phishing attempts. The company also claims there is currently no evidence that the stolen data is being actively misused.
However, the incident highlights the importance of maintaining robust security measures in the digital age. With user trust being a valuable asset for businesses like Substack, any lapse in security can have far-reaching consequences.
Substack's disclosure serves as a reminder to companies and users alike to prioritize security and take proactive steps to prevent such incidents from occurring in the future.
In light of this breach, it is essential for users to remain informed about potential threats and to stay vigilant. By being aware of these risks and taking necessary precautions, individuals can help protect their personal data and maintain trust in digital platforms like Substack.
Furthermore, the incident underscores the need for companies to invest in robust security protocols and to prioritize transparency when incidents occur. By doing so, businesses can build trust with their users and minimize the damage from security breaches.
Ultimately, the breach exposed by Substack serves as a stark reminder of the importance of maintaining robust security measures in the digital age.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Unnoticed-Breach-Substack-Exposes-Months-Old-Security-Incidents-Exposing-User-Contact-Details-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/05/substack_admit_security_incident/
https://www.theregister.com/2026/02/05/substack_admit_security_incident/
https://techcrunch.com/2026/02/05/substack-confirms-data-breach-affecting-email-addresses-and-phone-numbers/
Published: Thu Feb 5 14:16:23 2026 by llama3.2 3B Q4_K_M
