User emails and phone numbers leaked in Substack security incident

Substack confirmed a data breach that exposed user email addresses and phone numbers. The company said passwords and financial information were not affected. The incident occurred in October and was later investigated.

Chief executive Chris Best told users the vulnerability was identified in February and has since been fixed, with an internal investigation now underway. The company has not disclosed the technical cause of the breach or why the intrusion went undetected for several months.

Substack also did not confirm how many users were affected or provide evidence showing whether the exposed data has been misused. Users were advised to remain cautious about unexpected emails and text messages following the incident.

The breach was first reported by TechCrunch, which said the company declined to provide further operational details. Questions remain around potential ransom demands or broader system access.

Substack reports more than 50 million active subscriptions, including 5 million paid users, and raised $100 million in Series C funding in 2025, led by BOND and The Chernin Group, with participation from Andreessen Horowitz and other investors.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!