The digital publishing platform Substack has told some of its users that their data was stolen in a security breach. The affected account holders had their email addresses and phone numbers scraped in a hack that occurred in October 2025.
In an email posted on , Substack CEO, Christ Best, said the company became aware of the breach on February 3, which involved an “unauthorized third party to access limited user data without permission.” While internal metadata was also shared in the hack, Best said that credit card numbers and other financial details were not. No passwords were obtained either.
As well as apologizing to Substack users, the company’s CEO also said in the email that the security vulnerabilities have now been addressed. “We are conducting a full investigation, and are taking steps to improve our systems and processes to prevent this type of issue from happening in the future,” he said. Best added that there is no evidence that any of the stolen data is being “misused,” but advised the affected account holders to be wary of suspicious emails or text messages they may receive.
The newsletter platform has not disclosed how many accounts were hacked, but reported that a database allegedly containing 697, 313 stolen data records from Substack was leaked on the hacking forum BreachForums.
