Kurt “CyberGuy” Knutsson recently appeared on “Fox & Friends Weekend” to highlight the critical importance of strong digital security practices, especially when it comes to safeguarding passwords on important online accounts. His timely warning comes in the wake of a recent data breach at Substack, a widely used platform where writers, journalists, and creators distribute newsletters directly to their subscribers via email. This incident underscores the ongoing risks users face online and the urgent need to strengthen personal cybersecurity measures.
Substack confirmed that it experienced a data breach involving unauthorized access to user information that occurred in October but was not detected until February—several months later. The compromised data included users’ email addresses, phone numbers, and some internal account metadata. Importantly, Substack assured users that more sensitive information such as passwords, credit card numbers, and financial details was not accessed. While that is somewhat reassuring, many users and cybersecurity experts remain concerned about how such a breach could go unnoticed for so long and what measures the company is taking to prevent future incidents.
In a statement shared with affected users, Substack’s CEO and cofounder, Chris Best, expressed regret about the breach. He acknowledged the company’s responsibility to protect user data and privacy, admitting that they fell short in this instance. Best emphasized that Substack has addressed the system vulnerability that allowed the unauthorized intrusion and has launched a comprehensive investigation. However, details about why the breach remained undetected for months and what specific safeguards are now in place remain vague, leaving some users uneasy about the platform’s transparency and security posture.
Even though passwords and financial information were not compromised, the exposure of email addresses and phone numbers alone presents significant risks. Cybersecurity experts warn that these pieces of information are often the starting point attackers use to launch phishing and impersonation scams. With verified contact details, scammers can craft messages that sound personal, urgent, or familiar—referencing subscriptions, billing issues, or account changes—to trick users into clicking malicious links or divulging sensitive information. This makes every user of Substack—and indeed any online service—vulnerable to follow-on attacks that could lead to identity theft, financial loss, or further breaches.
Knutsson advises users to be especially vigilant about any emails or text messages that reference their Substack accounts or subscription payments. A common tactic used by scammers is to create a sense of urgency or fear, pressuring recipients into immediate action without verifying the source. To avoid falling victim, users should refrain from clicking on links in suspicious messages and instead navigate directly to Substack’s official website when checking account status or managing subscriptions. Additionally, having up-to-date antivirus software is crucial to protect against malware that might be delivered through phishing links, which could further compromise personal information or devices.
Beyond caution, there are proactive steps users can take to improve their digital security in light of this breach. Even though Substack emphasized that passwords were not accessed, it is wise to update passwords regularly, especially if users tend to reuse the same password across multiple platforms—a risky habit that makes breaches more damaging. Using a reputable password manager is highly recommended; such tools generate strong, unique passwords for each account and securely store them, reducing the chance of password reuse and making it easier for users to maintain complex credentials.
Moreover, some password managers now include breach scanners that alert users if their email address or passwords have appeared in previous data leaks. This feature allows users to act quickly by changing compromised credentials and securing their accounts before cybercriminals can exploit them. Knutsson points readers to expert-reviewed password managers to help select the best options available in 2026, emphasizing that investing in these tools is a critical step toward better online security.
Another useful strategy is to consider data removal services that help reduce the amount of personal information available online. These services monitor and systematically erase users’ data—including email addresses and phone numbers—from numerous websites, making it harder for scammers to gather details needed for targeted attacks. With fewer data points exposed, users can significantly reduce their risk of falling prey to phishing or social engineering scams.
Enabling two-factor authentication (2FA) wherever possible is an additional, highly effective security measure. By requiring a second form of verification—such as a code sent to a mobile device or generated by an authentication app—2FA adds a critical layer of protection against unauthorized account access, even if a password is compromised. Users are encouraged to activate 2FA on all accounts that support it, including email, social media, financial services,
