If you happen to’re a Substack consumer, your knowledge would possibly’ve been leaked
Substack has knowledgeable a few of its customers of a knowledge breach wherein e-mail addresses and cellphone numbers had been stolen. The assault occurred in October 2025, however the breach was first found on February third, 2026, experiences BleepingComputer.
Based on Substack CEO Chris Greatest, an unauthorized get together gained entry to restricted consumer knowledge. No passwords, cost particulars, or different monetary knowledge had been affected. Some inner metadata was leaked.
Substack states that the safety flaw has now been mounted and {that a} full investigation is underway. There are at present no indicators that the stolen knowledge has been misused, however customers are urged to be cautious and be careful for suspicious emails or textual content messages.
The corporate has not confirmed what number of accounts have been affected. A knowledge set was printed on the hacker discussion board Breachforums that allegedly comprises roughly 697,000 data from Substack.
This text initially appeared on our sister publication M3 and was translated and localized from Swedish.
