Excerpt from PCMag Article, Published on February 5, 2026
Substack confirmed a data breach that exposed user email addresses and phone numbers. The incident has raised new concerns about data security on newsletter platforms that handle large volumes of personal information. According to the company, an unauthorized party gained access to internal systems in October 2025. Substack discovered the issue in early February 2026 during a routine security review. After confirming the breach, the platform notified affected users through direct emails from company leadership.
The exposed data included email addresses, phone numbers, and limited account details. Substack stated that passwords, payment details, and financial information remained secure. The company also confirmed that it fixed the vulnerability that allowed the intrusion and strengthened internal monitoring systems.
Security researchers reported that threat actors shared samples of the stolen data on underground forums. These samples suggested that a large number of users may have been affected. Some records also contained usernames and internal account identifiers, which can increase the risk of targeted phishing attacks.
Cybersecurity experts warn that contact information alone can still cause harm. Attackers often use email addresses and phone numbers to launch phishing, smishing, and impersonation scams. These attacks rely on trust rather than technical exploits, making them harder for users to detect. The delayed discovery of the breach has drawn criticism from privacy professionals. They note that platforms must invest in stronger detection tools and faster incident response processes. As digital publishing platforms grow, attackers increasingly target them for user data.
Users impacted by the breach should remain alert. Experts recommend watching for unexpected emails or messages that request personal details. Avoid clicking unknown links and verify the sender before responding. These steps help reduce the risk of follow – up attacks linked to the incident. For organizations handling subscriber data, the incident highlights the importance of regular audits, access controls, and breach readiness planning.
To delve deeper into this topic, Visit PCMag.
