Polymarket Denies Data Breach, Says Alleged Hacker Is Repackaging Public Onchain Data

Polymarket has denied reports of a major data breach after claims surfaced on the dark web alleging that thousands of user records were stolen. The platform described the allegations as “complete and utter nonsense,” stating that no internal systems were compromised.

The controversy began after cybersecurity trackers and X (Twitter) accounts monitoring dark web activity shared screenshots from DarkForums. A user under the alias “xorcat” claimed responsibility for breaching Polymarket and stealing more than 300,000 records, including roughly 10,000 user profiles containing names, profile images, proxy wallet details, and Base blockchain addresses.

Company Says Data Is Publicly Accessible

Polymarket responded that the alleged breach data is already publicly available through onchain records and developer-facing APIs. The company emphasized that blockchain transparency makes its data inherently auditable and not sensitive in the way traditional databases are.

The platform also dismissed accusations that it lacks a bug bounty program, clarifying that its official program launched on April 16 and has already received 446 submissions.

Hacker Claims API Exploits, Experts Skeptical

The individual claiming responsibility alleged they accessed data through undocumented API endpoints, pagination bypass techniques, and CORS misconfigurations tied to Polymarket’s Gamma and CLOB APIs. The hacker also claimed involvement in breaches of other prediction markets and threatened additional data releases.

However, cybersecurity experts have questioned the credibility of the claims. Threat researcher and CSO Vladimir S stated that the situation appears to be data scraping rather than an actual database breach, calling the leak narrative unlikely.

Broader Security Concerns in Crypto Sector

The incident comes amid increased security concerns across the crypto industry. Blockchain security firm Hacken reported that Web3 projects lost $482 million in hacks and scams in Q1 2026, across 44 separate incidents, highlighting ongoing vulnerabilities in the ecosystem.

Overall, while claims of a breach have spread quickly online, both Polymarket and independent analysts maintain that the data involved is publicly accessible rather than stolen through unauthorized system access.