-
Substack’s CEO informed customers via email on Wednesday that a data breach occurred.
-
The company found out about the breach on February 3, after the hacker posted about it on a dark web forum.
-
The compromised data includes email addresses and phone numbers, but financial information was not exposed, according to the company.
Popular paid newsletter platform Substack confirmed that a data breach occurred. On February 3, Substack discovered that someone had accessed their user information without authorization.
Substack’s Chief Executive Officer, Chris Best, notified customers of the security breach after sending them out an alert.
What Information Was Leaked?
The accessed data is described as “limited user data.” As per the notification, it includes email addresses and phone numbers.
The breach also exposed other personal metadata. Looks like the data comes from a hack way back in October 2025. Someone online, no one knows who, claims they’re responsible for the attack. They claim their info unlocked about 700,000 user accounts. The claimed data trove is extensive. It supposedly includes full names, user IDs, and Stripe payment processor IDs.
The list also included profile pictures, account bios, and social media handles. Substack has not verified the hacker’s claims about the breach’s size. The company did confirm some positive news. This incident did not compromise credit card numbers, passwords, or other financial data.
Substack’s Response and User Advice
In his communication to users, Chris Best described Substack’s initial measures taken to respond to this security issue, including any efforts made by Substack employees since the event occurred. He emphasized the importance of strengthening system security and established updated processes to avoid this type of incident in the future.
However, Substack has not published a public statement beyond the customer letters. They have also not responded to requests for comments and questions by the media, and the scope of the data breach remains unanswered.
Substack is warning users to be vigilant; they urge customers to be cautious of any random texts or unsolicited emails they receive. This advice is standard following data breaches because scammers usually use the stolen contact details for targeted phishing attacks.
The Bigger Picture for Substack
This security incident hits a major player in digital media. Launched in 2017, Substack is now one of the more popular solutions for consumers to read and consume written content, with over 5 million paid Substack users. They also have approximately 20 million monthly visitors to their various online databases. Approximately 17,000 writers earn money through the system.
The platform provides publishing and payment tools. It handles analytics and design infrastructure for subscription content. For a service of this scale, a data breach affects a vast community. The situation potentially impacts both writers and their subscribers.
Observers will closely watch the company’s next steps. How it handles the investigation and communicates updates matters. A platform built on direct creator-audience relationships relies on user trust. This breach tests that trust.
The online publishing marketplace is highly competitive, and the industry’s participants – publishers and readers alike exhibit a tremendous amount of caution regarding their privacy and security.
As a result, all concerned parties are monitoring the manner in which Substack will manage this incident very closely over the next few weeks. Its ability to secure user data will be under scrutiny.
