Substack has disclosed a data breach in which a hacker leaked user records, including email addresses and phone numbers, from the platform's systems; no passwords or financial information were exposed. The breach occurred in October 2025 and was discovered in February 2026. It has prompted Substack to notify users and advise vigilance against suspicious communications.
The Substack data breach highlights the importance of early detection of, and response to, unauthorized access incidents. The breach occurred months before it was detected, and although there is no immediate evidence of data misuse, continuous monitoring and threat intelligence remain necessary to mitigate potential phishing and identity exploitation risks. Implementing robust security measures that detect anomalous activity early and educating users to recognize phishing attempts should be priorities.