Polymarket has rejected claims of a major data breach by a dark web vendor, calling the reports “nonsense”. The threat actor using the handle “xorcat” claimed to have leaked a database affecting over 300,000 records and an exploit kit containing about 1GB of records (names, aliases, and wallet addresses).
The attacker, who claimed to have leaked Polymarket data on a popular cybercrime forum, explained that the data was extracted via unauthenticated API endpoints, pagination bypass, and CORS misconfiguration in Polymarket’s Gamma and CLOB APIs. The package also includes an automatic unpacking script and working POC documentation for several CVEs.
Specifically, the data pulled included 10,000 unique user profiles with full personally identifiable information (name, alias, bio, profile photo, agent portfolio, primary address), and over 4,111 comments with attached profile objects.
The attacker also provided proof-of-concept scripts and claimed that the data included 1,000 report records containing 58 unique ETH addresses and the admin_auth_addr handle, as well as over 48,000 gamma markets with full metadata, state IDs, and token IDs.
Additionally, there were over 250,000 active CLOB markets with FPMM addresses, and over 292 events with sender/analyst ETH addresses and internal usernames. The leak also included 100 bounty configurations with USDC contract addresses and daily prices, 9,000 follower profiles (with names, aliases, and proxy wallets), and internal user IDs exposed in created by/updated by fields.
The Polymarket hack poses a threat to national security
Polymarket is at the center of a major integrity scandal that constitutes a different kind of breach, one of national security. The Department of Justice and the CFTC are using the recent hack as a prime example of why Prediction markets Need more stringent oversight, arguing that they can incentivize Leaking secret intelligence information for profit. This exposes merchants – including prominent political figures – to phishing or targeted harassment.
These allegations follow a pattern of confirmed cybersecurity failures that have shaken user confidence over the past six months. Attackers in API/bot manipulation in February 2026 exploited A design flaw in Polymarket’s order system, “nonces” were designed to cancel on-chain trades while maintaining the validity of off-chain records. This has caused bots to incur huge losses based on false API reports.
Polymarket also confirmed another third-party authentication breach in December 2025. The breach was linked to a vulnerability in a third-party login tool (reportedly Magic Labs), which allowed attackers to drain funds even from accounts that had two-factor authentication enabled. last Phishing attack In November 2025 in the comments section of Polymarket, it resulted in user losses of over $500,000.
Regulators are turning to active bans as the size of the prediction market grows
Regulators are shifting from passive monitoring to active bans as the size of prediction markets grows. Brazilian government Forbidden 27 platforms in April 2026 (including Calci and PoleMarket), citing concerns about household debt and consumer protection.
Authorities in Romania and Portugal have also recently banned specific political contracts to prevent betting on elections.
Meanwhile, PolyMarket has adopted stricter internal rules as of March 2026. The rules explicitly prohibit trades based on stolen information or “insider” knowledge of geopolitical events. Polymarket has also entered into a regulatory services agreement with the National Futures Association (NFA) to implement real-time monitoring. This move signaled a shift towards mainstream financial commitment.
Regulators also closely examined high-profile trades, such as a $32,000 bet on the capture of Nicolas Maduro, which generated a profit of $436,000 before official news broke in January 2026. The White House and various agencies have since warned against trading on non-public information related to geopolitical conflicts, such as the war between the United States and Iran.
On the other hand, said Bernstein analyst Gautam Chugani expected Increase regulatory clarity at the federal level to foster the growth of prediction markets. It is estimated that the total expected market size will reach $240 billion in 2026 (+370% from last year).
Chogani also expects the market’s trading volume to reach $1 trillion annually by the beginning of the next decade, with a compound annual growth rate of about 80% between 2025 and 2030. The composition of contracts traded is also likely to change.
