ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Substack Data Breach

substack.com
Limited exposure
Verified breach
Accounts exposed 663,121
Breach date 23 Oct 2025
Added to tracker 06 Feb 2026
Data classes 2

What happened

In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts, such as publication names and bios. A subset of records also included phone numbers.

Exposed data

Email addresses Phone numbers

Recommended actions

  • Watch for targeted phishing emails referencing Substack โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP