Polymarket Confirms Recent User Account Breach Due to Third-Party Vulnerability

BlockBeats News, December 24th, Decentralized prediction market platform Polymarket has confirmed that a recent security vulnerability incident involving a third-party identity verification provider has affected multiple users.

Earlier this week, reports of Polymarket accounts being compromised started to surface on Twitter and Reddit, with affected users detailing their losses on social media. According to user reports on social media, the issue appears to have impacted users who registered on Polymarket through Magic Labs. Magic Labs allows users to log in via email and create non-custodial Ethereum wallets. Magic Labs' registration service is widely used by many cryptocurrency newcomers who do not have digital asset wallets.

On Tuesday, Polymarket acknowledged this security issue on its official Discord channel, stating, "We recently discovered and resolved a security issue affecting a small number of users. This issue was caused by a vulnerability introduced by a third-party identity verification provider." However, Polymarket did not disclose the number of affected users or the amount stolen, nor did it specify the third-party service provider involved in this incident. The platform stated that the issue has been resolved, and there is no remaining risk. (The Block)