Polymarket Addresses Third-Party Provider Flaw After User Account Breach

TLDR

• Polymarket confirms a security breach linked to a third-party authentication provider.
• Users who signed up via Magic Labs reported drained accounts after suspicious logins.
• The issue affected a small group of users, with Polymarket resolving the breach.
• Polymarket vows to contact impacted users following the third-party vulnerability.

Polymarket, a decentralized prediction market platform, confirmed a security breach affecting several users. The breach was linked to a vulnerability in a third-party authentication provider, particularly impacting users who had signed up through Magic Labs. Users affected by the breach reported that their balances were drained after experiencing suspicious login attempts.

Reports Surface of Drained Accounts

The breach was first reported by users on social media platforms like Reddit and X, with individuals detailing how their accounts had been compromised. One user shared their experience on Reddit, stating, “Today I woke up and see 3 attempts to login to Polymarket — My device isn’t compromised, Google found nothing suspicious, all other services are fine.” The user later discovered that all their deals were closed, and their balance was reduced to just $0.01.

Other users reported similar incidents, where their Polymarket accounts were drained despite having two-factor authentication enabled on their email. The issue appears to have primarily affected users who signed up through Magic Labs, which facilitates non-custodial Ethereum wallets using email sign-ins. Magic Labs is known to attract first-time crypto users who don’t already have digital wallets.

Acknowledgment and Resolution from Polymarket

On December 23, Polymarket acknowledged the breach on its official Discord channel. The platform confirmed that it had identified and resolved the issue, assuring users that no ongoing risks remained. In their statement, Polymarket explained that the vulnerability stemmed from a third-party authentication provider and promised to contact the users impacted by the breach.

“We recently identified and resolved a security issue affecting a small number of users,” Polymarket noted. “The issue was caused by a vulnerability introduced by a third-party authentication provider. We will be in contact with impacted users,” the platform further clarified.

However, Polymarket did not provide specific details regarding the number of affected users or the total financial losses from the breach. Additionally, the identity of the third-party provider has not been disclosed.

Previous Security Issues and Ongoing Concerns

This latest incident is not the first time Polymarket has faced security concerns related to third-party services. In September 2024, a similar breach occurred involving Google logins. Users reported that attackers exploited a vulnerability in a third-party authentication system, draining USDC funds from their wallets. Polymarket had attributed the breach to targeted exploits related to the third-party service used for Google logins.

In November 2024, a separate phishing campaign exploited Polymarket’s comment sections, resulting in over $500,000 in user losses. Fraudulent links were shared in the comment sections, prompting users to log in through email, which led to stolen funds.

Ongoing Security Measures and User Safety

Polymarket emphasized that it has resolved the current security issue and assured users that there are no lingering risks. The platform has stated its commitment to reaching out to affected users to assist them further.

Despite these measures, the repeated nature of such security issues raises questions about the long-term security of platforms that rely on third-party authentication providers. With crypto-related hacks and scams on the rise, users are urged to remain vigilant and follow best practices for securing their accounts.

The post Polymarket Addresses Third-Party Provider Flaw After User Account Breach appeared first on CoinCentral.