Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Substack hit by network compromise

Incident
First reported
Last updated
Happening score
H score 12
2 unique sources, 2 articles

Summary

Hide ▲

Substack confirmed a data breach that exposed email addresses, phone numbers, and internal metadata for some users, creating a phishing risk. The unauthorized access happened in October 2025 but was identified on February 3rd. Credit card numbers, passwords, and other financial information were not accessed. Substack says it has fixed the problem and is warning users to watch for suspicious emails or texts.

Related Happenings

Substack database leak on BreachForums

Data Leak
First: 05.02.2026 14:54 Last: 05.02.2026 14:54 Sources 1

How related: on Monday, a threat actor leaked a database on the BreachForums hacking forum containing 697,313 records of allegedly stolen data.

About this happening: A **Substack**-related database leak on **BreachForums** exposed **697,313 records** of allegedly stolen data and widened the breach's impact. The public posting ties the leak to...

Open Happening

Timeline

  1. 05.02.2026 14:54 1 articles · 3mo ago

    BreachForums leak of 697,313 Substack records

    Campaign Scope Update

    A threat actor leaked a BreachForums database containing 697,313 records of allegedly stolen Substack data, and the actor said the scraping method used was noisy and patched fast.

    Show sources
    Open in new tab
  2. 05.02.2026 14:54 2 articles · 3mo ago

    Substack identifies unauthorized user-data access

    Detection Ioc Update

    Substack identified evidence of a problem with its systems that allowed an unauthorized third party to access limited user data without permission, including email addresses, phone numbers, and other internal metadata.

    Show sources
    Open in new tab
  3. 05.02.2026 14:54 2 articles · 3mo ago

    Substack notifies users and fixes the flaw

    Initial Disclosure

    Substack sent breach notification emails, said the data was accessed in October 2025, confirmed that credit card numbers, passwords, and financial information were not accessed, fixed the problem, and warned users about possible phishing attempts using the stolen contact data.

    Show sources
    Open in new tab
  4. 05.02.2026 14:54 2 articles · 3mo ago

    Substack identifies unauthorized user-data access

    Detection Ioc Update

    Substack identified evidence of a problem with its systems that allowed an unauthorized third party to access limited user data without permission, including email addresses, phone numbers, and other internal metadata.

    Show sources
    Open in new tab
  5. 05.02.2026 14:54 2 articles · 3mo ago

    Substack notifies users and fixes the flaw

    Initial Disclosure

    Substack sent breach notification emails, said the data was accessed in October 2025, confirmed that credit card numbers, passwords, and financial information were not accessed, fixed the problem, and warned users about possible phishing attempts using the stolen contact data.

    Show sources
    Open in new tab