I am still confused for days whether this is a real news or a hoax. Only a substack user saying they received this email. I did not. And there is no official statement by Substack. What is really going on here?
I've seen the leaked data posted on forums. I'm assuming they're trying to minimize the bad PR from this incident by only doing what's legally required, which is to notify affected users. They're likely not obligated to notify the broader public. Whether they should be obligated to do so is another discussion entirely.
Do you reside outside of the EU (and outside anywhere where GDPR equivalents are enforced)? Maybe that would explain it.
Under GDPR, a business has the obligation to inform users if they have been affected by a data breach. That could hypothetically explain why Substack would inform some users (those protected by GDPRish legislation) while keeping it quiet towards the rest of them.
parable|22 days ago
meitham|22 days ago
ntoskrnl_exe|22 days ago
proactivesvcs|22 days ago
https://haveibeenpwned.com/Breach/Substack
ochronus|22 days ago
Mordisquitos|22 days ago
Under GDPR, a business has the obligation to inform users if they have been affected by a data breach. That could hypothetically explain why Substack would inform some users (those protected by GDPRish legislation) while keeping it quiet towards the rest of them.
GeorgeOldfield|21 days ago