Substack database leak on BreachForums
Data Leak
Summary
Hide ▲
Show ▼
A Substack-related database leak on BreachForums exposed 697,313 records of allegedly stolen data and widened the breach's impact. The public posting ties the leak to Substack users and to contact data such as email addresses and phone numbers. The exposure increases the risk of phishing and other follow-on abuse.
Related Happenings
Substack hit by network compromise
Incident
First: 05.02.2026 14:54
Last: 05.02.2026 14:54
Sources 1
How related:
"On February 3rd, we identified evidence of a problem with our systems that allowed an unauthorized third party to access limited user data without permission, including email addresses, phone numbers, and other internal metadata," Best said in breach notification emails sent today.
About this happening:
**Substack** confirmed a **data breach** that exposed **email addresses**, **phone numbers**, and **internal metadata** for some users, creating a **phishing risk**. The unauthori...
Substack hit by network compromise
IncidentHow related: "On February 3rd, we identified evidence of a problem with our systems that allowed an unauthorized third party to access limited user data without permission, including email addresses, phone numbers, and other internal metadata," Best said in breach notification emails sent today.
About this happening: **Substack** confirmed a **data breach** that exposed **email addresses**, **phone numbers**, and **internal metadata** for some users, creating a **phishing risk**. The unauthori...
Timeline
-
05.02.2026 02:00 1 articles · 3mo ago
BreachForums leak exposes 697,313 Substack records
Campaign Scope UpdateA threat actor posts an allegedly stolen Substack database on the BreachForums hacking forum, exposing 697,313 records of allegedly stolen data and claiming the scraping method was noisy but patched fast.
Show sources
- Newsletter platform Substack notifies users of data breach — www.bleepingcomputer.com — 05.02.2026 14:54
-
05.02.2026 02:00 1 articles · 3mo ago
Substack notifies users after identifying unauthorized access
Initial DisclosureSubstack tells affected users that unauthorized access to limited user data occurred in October 2025, says it identified evidence of the problem on February 3, 2026, confirms that email addresses and phone numbers were exposed but credit card numbers, passwords, and financial information were not, and says the flaw has been fixed while warning about phishing attempts.
Show sources
- Newsletter platform Substack notifies users of data breach — www.bleepingcomputer.com — 05.02.2026 14:54