Substack disclosed a security incident after a hacker leaked user records allegedly taken from its systems, exposing email addresses, phone numbers, and internal metadata. The company says passwords and payment information were not exposed, notified users after discovering the October 2025 incident on February 3, and urged vigilance for suspicious messages. #Substack #Crunchbase
Keypoints
- Substack reported an unauthorized access incident that led to a data leak.
- Compromised information included names, email addresses, phone numbers, profile pictures, user IDs, bios, and internal metadata.
- Substack stated that passwords and payment card details were not exposed.
- The incident occurred in October 2025 and was discovered on February 3, prompting user notifications and mitigations.
- A threat actor claimed to have scraped nearly 700,000 records and posted them on a cybercrime forum, and the company advised users to watch for suspicious emails and texts.
Read More: https://www.securityweek.com/substack-discloses-security-incident-after-hacker-leaks-data/