A security incident at Substack has resulted in user data being accessed without authorization. The incident was initially reported by a user on BreachForums claiming to have scraped nearly 700,000 user records. The company has stated that limited user data, including email addresses, phone numbers, and internal metadata, was accessed, while passwords and financial information remained secure, as reported by HackRead.Alleged sample records shared on BreachForums indicate the inclusion of complete user account details, such as account creation dates, update timestamps, notification preferences, and internal moderation flags like "is_global_admin" and "has_passed_captcha." This suggests access beyond simple scraping, potentially involving internal systems. Notably, the exposed data includes information on active publishers, their newsletter details, and Stripe customer IDs, linking accounts to payment systems. Some user accounts date back to 2018, indicating a broad snapshot of user information was potentially compromised.While Substack reports no evidence of data misuse thus far, the circulation of this data on cybercrime forums poses a significant risk of targeted phishing and social engineering attacks for affected users. The presence of internal metadata and links to payment systems highlights the potential for more sophisticated attacks.Source: HackRead
Data Security, Security Operations, Breach
Substack data breach: User records and internal metadata exposed

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



