Substack Data Breach

22/10/2025 · 663,121 records · moderate risk

0 /100

Gravity Score

Moderate

Calculated based on the types of data exposed (2 categories) and the volume of affected records (663,121).

Account records tied to Substack were exposed in a breach and later redistributed more widely. The leaked material combines contact details with profile related information that may be visible on the service.

The incident affected 663,000 records containing email addresses and profile data such as publication names and bios. A portion of the entries also included phone numbers.

Exposed data

Email addresses Phone numbers

What to do based on this breach

Be cautious with texts or calls that reference your publication name or bio and try to get verification codes or payments

Review what is publicly visible on your Substack profile, such as your bio and publication name, and adjust if you want less exposure

Enable two step verification on the email address used with Substack to reduce takeover risk

Use an alternate number or remove your phone number from the account if the option exists and fits your needs

What can we learn from this breach?

Even if some profile details are public, combining an email address with a phone number enables direct outreach and SMS based verification scams. The takeaway is to avoid collecting optional data, protect contact info with strong access controls and auditing, and communicate clearly with users when profile and contact details are exposed.

Was your data exposed?

Check now if your email appears in this breach. It's free, takes 30 seconds and requires no signup.

Check my email

Related breaches

Canadian Tire

01/10/2025 38,306,562 records high risk

2 data types in common

CarGurus

13/02/2026 12,461,887 records moderate risk

2 data types in common

← All breaches