Substack recently alerted certain users to a security incident where attackers obtained email addresses and phone numbers. The intrusion took place in October 2025, though it was only identified on February 3, 2026, according to BleepingComputer reports.
Substack's CEO, Chris Best, explained that an external actor accessed a restricted set of user information. Passwords, payment information, and other sensitive financial records remained secure. However, certain internal metadata was also compromised.
The platform reports that the vulnerability responsible for the breach has been resolved, with a comprehensive review now in progress. At present, there's no evidence of the exposed information being exploited, yet Substack advises vigilance against potentially fraudulent emails or SMS communications.
Substack has yet to disclose the exact number of impacted users. Separately, a collection of data surfaced on the Breachforums hacking site, purportedly including around 697,000 Substack entries.
The story first ran on our affiliated outlet M3, having been adapted and translated from its Swedish origins.
Viktor covers technology news and features for related publications M3 and PC för Alla. His interests center on innovations in tech, staying current with new gadget launches and key trends shaping the consumer electronics sector.