Polymarket blames third-party login tool for account breaches

Prediction market platform Polymarket said a third-party authentication provider was responsible for a set of reported account breaches affecting some users. In a Tuesday update on the company’s Discord, Polymarket stated it had identified and fixed a security issue impacting “a small number of users” after several reported unusual activity in their accounts.

Polymarket attributed the incident to a vulnerability introduced by an external login tool and said the issue has been remediated. The platform added that there is no ongoing risk and that it will reach out to affected customers.

The confirmation followed user posts on Reddit and X reporting that funds had been drained. Some users said they observed three login attempts before balances were depleted. One Reddit user wrote that their device showed no signs of compromise and other services were unaffected, but upon checking Polymarket they found their positions closed and a remaining balance of 0.01$.

Other users suggested the problem could be linked to Magic Labs, a wallet service integrated with Polymarket. An X user claimed their Polymarket wallet — created via Magic Labs — was drained and said they had not registered an email with the provider, asserting they did not receive phishing messages.

Users previously reported similar issues in late 2024, when some accounts were allegedly drained after logging in through Google, according to community posts.

Stay informed, read the latest news right now!

Disclaimer

The content on TrustsCrypto.com is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency markets are highly volatile, always do your own research before making decisions.

Some content may be assisted by AI and reviewed by our editorial team, but accuracy is not guaranteed. TrustsCrypto.com is not responsible for any losses resulting from the use of information provided.