// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
ColdRecon / Breach Radar / Substack
Breach Record

Substack

DISCLOSED 2025-10-23 · STOLEN CREDS · 663,121 RECORDS EXPOSED

In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts, such as publication names and bios. A subset of records also included phone numbers.

The record

What we know

Disclosed
2025-10-23
Attack vector
Stolen Creds
Records exposed
663,121
Domain
substack.com
Data classes exposed
Email addressesPhone numbers
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Substack disclosure. It updates if new public reporting emerges. All tracked breaches →

Substack just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →