Polymarket Rejects Hacker Claims of User Data Breach

TLDR

• Polymarket denied claims that a hacker breached its systems and stole private user data.
• The alleged hacker claimed to have accessed over 300,000 records from the platform.
• Polymarket said the data shown online was publicly available through its APIs and on-chain sources.
• The company confirmed it has an active bug bounty program that began on April 16.
• Security experts questioned the breach claim and suggested the data may have been scraped from public endpoints.
• Hacken reported that Web3 projects lost $482 million to hacks and scams in the first quarter of 2026.

Polymarket denied claims that a hacker breached its systems and stole private user records. The company said the data shown online comes from public APIs and on-chain sources. The response followed dark web posts alleging the theft of more than 300,000 records.

Polymarket Denies Breach After Dark Web Claims

Cybersecurity firm Vecert Analyzer and several X accounts shared screenshots from DarkForums on Tuesday. The posts showed a user called “xorcat” claiming to have breached Polymarket. The alleged hacker said they stole over 300,000 records from the platform.

INTELLIGENCE ALERT: EXPLOIT KIT AND DATASET SALE – POLYMARKET

Threat actor xorcat has put up for sale a package containing a "Red Team" exploit kit and a structured dataset exfiltrated from Polymarket (https://t.co/Cxg2Y8jFCE)—the world's largest decentralized… pic.twitter.com/PjsAEbziGq

— VECERT Analyzer (@VECERTRadar) April 27, 2026

The post claimed the data included 10,000 user profiles with names and images. It also lists proxy wallets and base addresses tied to accounts. However, Polymarket rejected the claims and called them “complete and utter nonsense.”

The company said the hacker accessed publicly available API endpoints and blockchain data. It stated that developers can access the same information for free.

“No data was leaked, it’s accessible via our public endpoints & on-chain data,” Polymarket said.

Polymarket added that blockchain transparency allows public auditing of records. It described this feature as central to its platform design.

The company questioned the hacker’s motives and asked, “Which VC paid you to post this?”

Hacker Cites APIs as Crypto Hacks Rise

The hacker said they scraped data because Polymarket lacked a bug bounty program. However, Polymarket launched a live bug bounty on April 16. The company said it received 446 reports as of Wednesday.

Xorcat claimed to have used undocumented API endpoints and pagination bypass. The post also mentioned a CORS misconfiguration in Gamma and CLOB APIs. The hacker said they breached other prediction markets and planned further data releases.

Security experts questioned the breach narrative after reviewing the screenshots. Vladimir S, chief security officer at Legalblock, shared doubts about the claims.

He said, “It appears someone parsed data and is trying to present it as a [DB] leak.”

The broader crypto sector has faced rising cyber incidents in recent months. Blockchain security firm Hacken reported $482 million in losses during the first quarter of 2026. Hacken said hackers carried out 44 incidents across Web3 projects during that period.

Polymarket maintained that no internal systems were compromised. It repeated that all referenced information remains publicly accessible. The company said developers can retrieve the same data through official APIs without payment.

The post Polymarket Rejects Hacker Claims of User Data Breach appeared first on CoinCentral.