Tech

Polymarket Denies Alleged Data Breach Amid Dark Web Leak Claims

12 hours ago
Bitcoin Ethereum News
  • One may obtain the data for free using its APIs instead of paying for it, the prediction market platform stated.
  • The hacker group xorcat said in their post that they had obtained over 300,000 data, 10,000 of which were user profiles complete with usernames, photos, base addresses, and proxy wallets.

There have been rumors circulating that a hacker on the dark web leaked what they said was a treasure mine of confidential user information from Prediction markets platform Polymarket, but the company has disputed the claims.

On Tuesday, numerous X accounts that monitor the dark web—including cybersecurity firm Vecert Analyzer—shared pictures from DarkForums showing a hacker posing as “xorcat” and claiming to have compromised Polymarket.

Data Already Accessible Onchain

The hacker group xorcat said in their post that they had obtained over 300,000 data, 10,000 of which were user profiles complete with usernames, photos, base addresses, and proxy wallets. Polymarket condemned the data breach allegations as “complete and utter nonsense” and said that the hacker’s provided information is already accessible online.

Many in the cryptocurrency field were on high alert in April after a dramatic increase in breaches and attacks using cryptocurrency. Web3 projects lost $482 million in 44 incidents during the first quarter of 2026, according to blockchain security start-up Hacken. The study was published earlier this month.

One advantage of being on chain is that all of our data is publicly auditable. This is a feature, not a bug, according to the prediction market. There was no data breach; all of its publicly available endpoints and on-chain data are accessible. One may obtain the data for free using its APIs instead of paying for it, the prediction market platform stated.

The purported hacker said that Polymarket lacked a bug bounty program, which led to the disclosure of sensitive information. On the other hand, as of Wednesday, 446 reports have been received by Polymarket’s live bug bounty program, which began on April 16.

According to Xorcat, data was extracted from Polymarket’s Gamma and CLOB APIs using pagination bypass, CORS misconfiguration, and undocumented API endpoints. This hacker went on the record as having broken into additional prediction markets and was planning to leak the data in the coming days.

Highlighted Crypto News Today:

Skynet Report Flags Shift in Crypto Regulation Risk Toward AML Enforcement

Source: https://thenewscrypto.com/polymarket-denies-alleged-data-breach-amid-dark-web-leak-claims/