What user data was accessed in the Substack security incident?

The security incident in October 2025 resulted in unauthorized access to user email addresses and phone numbers.

Were passwords and financial information compromised in the Substack breach?

No, Substack has stated that passwords, credit card numbers, and other financial information remained secure during the incident.

What steps is Substack taking after the security incident?

Substack has fixed the security problem, is investigating the breach, and is bolstering its systems to prevent future issues.

Home / Technology / Substack Data Breach: Emails & Phones Exposed

Substack Data Breach: Emails & Phones Exposed

5 Feb

•

Summary

Substack reported a security incident in October 2025.
Hackers accessed user email addresses and phone numbers.
Passwords and financial data remained secure.

Substack Data Breach: Emails & Phones Exposed

A security incident in October 2025 resulted in unauthorized access to limited user data on Substack. The platform recently notified affected users that their email addresses and phone numbers were compromised. Substack CEO Chris Best confirmed that the breach did not expose passwords or financial details. The company has since addressed the system vulnerability and launched a full investigation. They are also enhancing security measures to prevent future occurrences. Best conveyed his sincere apologies to users for the data protection failure, emphasizing the company's commitment to user privacy. Users are advised to exercise caution regarding potential suspicious emails or texts.

Disclaimer: This story has been auto-aggregated and auto-summarised by a computer program. This story has not been edited or created by the Feedzop team.