Polymarket Breach: Users Lose Thousands as Third-Party Login Tool Is Blamed
Prediction market Polymarket experienced account breaches, with users reporting losses up to $2,000. The platform blames a third-party login tool, raising security concerns.
Your crypto might not be as safe as you think, especially if you're using a simple email login. Prediction market platform Polymarket is grappling with a series of account breaches, with users reporting their funds have been drained. The platform points the finger at a third-party login provider, exposing a critical vulnerability in the quest for user-friendly crypto access.
Vanishing Funds and a Vague Explanation
According to reports from December 24, 2025, users took to social media platforms like Reddit and X to report unexpected login alerts followed by wiped balances. One user claimed a loss of around $2,000 despite having two-factor authentication (2FA) enabled. Another reported their account balance plummeting to just one cent.
In response, Polymarket confirmed the security incident on its Discord channel, attributing it to a vulnerability from an unidentified third-party authentication provider. The company, however, did not disclose the number of affected users or the total amount stolen.
Magic Labs Under Scrutiny
While Polymarket has not officially named the provider, user speculation is heavily focused on Magic Labs. Magic Labs is a popular tool that simplifies Web3 access by allowing email-based logins and automatically creating wallets for users. Its ease of use has made it a common entry point for newcomers on platforms like Polymarket.
A Polymarket spokesperson stated on Discord, "The issue was caused by a vulnerability introduced by a third-party authentication provider... the issue has been remediated. There is no ongoing risk at this time." Neither Polymarket nor Magic Labs immediately responded to PRISM's request for comment.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
ZeroLend's shutdown and a 40% TVL drop signal DeFi's consolidation phase. Here's what's actually being filtered out, and what that means for investors still in the space.
SpaceX swung from $8B profit to a $5B loss in 2025, yet kept its 8,285 BTC position untouched. With an IPO looming, what does that signal about corporate treasury strategy?
Iranian state media published images of downed drone debris as Tehran announced a reward for the capture of its crew—signaling more than a military incident.
Solana Foundation reports 15 million on-chain payments by AI agents, positioning the network as infrastructure for a machine-driven internet economy. What happens when AI holds the wallet?
ZeroLend's shutdown and a 40% TVL drop signal DeFi's consolidation phase. Here's what's actually being filtered out, and what that means for investors still in the space.
SpaceX swung from $8B profit to a $5B loss in 2025, yet kept its 8,285 BTC position untouched. With an IPO looming, what does that signal about corporate treasury strategy?
Iranian state media published images of downed drone debris as Tehran announced a reward for the capture of its crew—signaling more than a military incident.
Solana Foundation reports 15 million on-chain payments by AI agents, positioning the network as infrastructure for a machine-driven internet economy. What happens when AI holds the wallet?
Thoughts
Share your thoughts on this article
Sign in to join the conversation