Particle.news
Download on the App Store
3 ARTICLES
·
last wk.

Polymarket Denies Breach After Dark‑Web Claim of 300,000 Records

The dispute underscores how public blockchain data can be repackaged to look like a private leak.

Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen
Polymarket breach claim: 300,000+ user data allegedly exposed, claimed by "xorcat

Overview

  • Polymarket said no intrusion occurred and that the dataset promoted online came from its public APIs and on‑chain records.
  • A poster using the name "xorcat" advertised a trove they said held more than 300,000 Polymarket records on a dark‑web forum.
  • The poster claimed they gathered data by calling undocumented API links, forcing pages to return oversized lists, and exploiting a cross‑origin setting that lets outside sites make requests.
  • Security reviewers, including Legalblock’s security chief, said the files look like scraped public information rather than a private database dump.
  • Polymarket pointed to a live bug bounty launched April 16 that has received 446 reports, and the flap lands as Hacken reports $482 million lost to Web3 hacks in the first quarter of 2026.