Substack data breach exposes emails and phone numbers

If you work newsletters to enactment informed, present is an update worthy paying attraction to. Substack, a fashionable level wherever writers, journalists and creators nonstop email updates straight to subscribers, has confirmed a information breach that exposed idiosyncratic data.

The institution says the exposed accusation includes email addresses, telephone numbers and interior relationship metadata. More delicate data, specified arsenic passwords, recognition paper numbers and fiscal information, was not affected. That is bully news. Still, galore users are asking however this happened and wherefore it took months to detect.

For clarity, CyberGuy does not usage Substack to nonstop its newsletters.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter.

ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER

Substack confirmed a information breach that exposed users’ email addresses, telephone numbers and interior relationship metadata aft unauthorized entree successful October. (Photo Illustration by Robin Utrecht/SOPA Images/LightRocket via Getty Images)

What we cognize truthful acold astir the Substack breach

According to Substack, the unauthorized entree occurred successful October but was not identified until February. That means idiosyncratic information whitethorn person been exposed for respective months earlier the contented was discovered. In effect to CyberGuy's petition for comment, Substack shared an email from CEO and cofounder Chris Best that was sent to affected users connected Wednesday, Feb. 4.

"I'm incredibly atrocious this happened," Best wrote. "We instrumentality our work to support your information and your privateness seriously, and we came up abbreviated here." He went connected to accidental the institution will "work precise hard to marque definite it does not hap again."

According to Best, Substack identified grounds of a strategy contented connected February 3 that allowed an unauthorized 3rd enactment to entree constricted idiosyncratic information successful October. He confirmed the accessed information included email addresses, telephone numbers and interior metadata. He besides said passwords, recognition paper numbers and fiscal accusation were not accessed.

What Substack says it is doing now

Substack says it has fixed the strategy contented that allowed the unauthorized entree and has launched a afloat investigation. The institution besides said it does not person grounds that the exposed accusation is being misused. Even so, it encouraged users to instrumentality other caution with emails oregon substance messages that look suspicious. While the connection clarifies what information was exposed, it does not explicate wherefore the entree went undetected for respective months oregon what circumstantial safeguards are present successful spot to forestall a akin incident. That spread remains a cardinal concern.

Why exposed emails and telephone numbers inactive matter

Email addresses and telephone numbers are often the archetypal pieces of accusation utilized successful scams. Once attackers person verified interaction details, they tin nonstop messages that consciousness personal, urgent oregon familiar. Those messages whitethorn notation subscriptions, billing oregon relationship changes to unit radical into clicking links oregon sharing information. Even without passwords, this benignant of vulnerability tin summation the hazard of phishing and impersonation attempts. That is wherefore consciousness matters now.

MICROSOFT 'IMPORTANT MAIL' EMAIL IS A SCAM: HOW TO SPOT IT

Security experts pass exposed email addresses and telephone numbers tin substance phishing and impersonation scams. (Photo by Annette Riedl/picture confederation via Getty Images)

Ways to enactment harmless aft the Substack breach

If you person a Substack account, present is simply a bully clip to tighten things up.

1) Watch for targeted messages

Be cautious with emails oregon texts that notation your Substack relationship subscriptions oregon payments. Scammers whitethorn usage existent details to dependable convincing.

2) Avoid clicking links nether pressure

Urgent connection is simply a communal tactic. Go straight to Substack's website alternatively of utilizing links successful messages. Use a beardown antivirus to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information.

Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

3) Change your password anyway

Even if passwords were not exposed, updating them adds a furniture of protection, particularly if you reuse passwords elsewhere. Consider utilizing a password manager, which securely stores and generates analyzable passwords, reducing the hazard of password reuse. 

Next, spot if your email has been exposed successful past breaches. Our No. 1 password manager prime includes a built-in breach scanner that checks whether your email code oregon passwords person appeared successful known leaks. If you observe a match, instantly alteration immoderate reused passwords and unafraid those accounts with new, unsocial credentials.

Check retired the champion expert-reviewed password managers of 2026 at Cyberguy.com.

4) Limit information exposure

Consider utilizing a information removal work to trim wherever your email and telephone fig look online. Fewer information points marque scams harder to propulsion off. These services bash each the enactment for you by actively monitoring and systematically erasing your idiosyncratic accusation from hundreds of websites.

Check retired my apical picks for information removal services and get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com.

Get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web: Cyberguy.com.

5) Use two-factor authentication

Enable two-factor authentication (2FA) wherever imaginable to trim the hazard of relationship takeover.

SOUNDCLOUD DATA BREACH EXPOSES 29.8 MILLION USER ACCOUNTS

The institution said passwords and fiscal accusation were not accessed, but the breach went undetected for months. (Photographer: Luke MacGregor/Bloomberg via Getty Images)

Kurt's cardinal takeaways

Substack's breach is simply a reminder that adjacent creator-focused platforms look existent information risks. While the institution says delicate information was not affected, unanswered questions stay astir detection delays and transparency. Email addresses and telephone numbers are almighty tools successful the incorrect hands. Staying alert present tin forestall bigger problems later. Trust is built connected clarity, and users are inactive waiting for it.

Have you changed however you support your email and telephone fig aft caller information breaches, and what steps person made you consciousness safer? Let america cognize by penning to america at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter. 

Copyright 2026 CyberGuy.com. All rights reserved.