According to Cointelegraph, prediction markets platform Polymarket has identified a security breach affecting a limited number of user accounts, attributing the issue to a vulnerability in a third-party authentication provider. The company announced on its Discord channel that the security flaw had been flagged and resolved after users reported unusual activities in their accounts. Polymarket emphasized its commitment to security and assured users that the issue has been addressed, with no ongoing risk. Affected users will be contacted directly by the company.
Reports of the breach surfaced across social media platforms such as Reddit and X, with several users claiming their accounts were compromised, resulting in drained funds. One Reddit user described waking up to find three unauthorized login attempts on their Polymarket account, leading to a zero balance. Despite checking their device and other services for security breaches, no other suspicious activity was found. Another user on X reported a similar incident, noting that their Polymarket wallet, created through Magic Labs, was emptied without any phishing links being received.
The security issue has raised concerns among Polymarket users, with some speculating that the breach may be linked to Magic Labs, a widely used wallet service integrated with the platform. This incident is not the first of its kind for Polymarket, as users previously experienced security breaches in late 2024 when logging in via Google accounts. The platform's recent security lapse highlights the ongoing challenges faced by online services in safeguarding user data and funds.