Polymarket: Account Hacks via Third-Party Auth

Polymarket: Account hacks via third-party auth, amid complaints about login attempts and missing funds among some users. In particular, several Reddit users described a series of login attempts on their Polymarket accounts and subsequent loss of funds, after which the platform publicly acknowledged the incident. One Reddit user described the situation as follows:

"Today I woke up and see 3 attempts to login to polymarket ... So I went to Polymarket and realised that all my deals were closed and balance is 0.01$."

In the comments, other participants also linked the issue to login scenarios where the user didn't change their security practices and didn't click any links, yet still saw signs of unauthorized access and withdrawals.

Learn our comprehensive reviews about the top legit exchanges, their features, benefits, and special offers!

More on the Incident and Polymarket's Response

Polymarket posted an official update on Discord and said it has resolved the issue and doesn't see any ongoing risk.

"We recently identified and resolved a security issue affecting a small number of users. The issue was caused by a vulnerability introduced by a third-party authentication provider."

Polymarket also added that the team will continue working with affected users and doesn't expect the incident to progress further:

"Polymarket takes security extremely seriously, and the issue has been remediated. There is no ongoing risk at this time, and we will be in contact with impacted users."

A separate thread of discussion focused on how an attack surface could form around third-party authentication. Users explicitly pointed to a chain where an attacker only needs to bypass controls in the authentication layer to access an account without compromising the user's device and without typical phishing signals. In that scenario, the platform can face a situation where the user continues to consider their local security sufficient, but the attacker gains access through the external authentication layer and then closes positions or initiates withdrawals.

Some comments tied the discussion to Magic Labs and to a sign-up flow that the ecosystem often uses to speed up onboarding for users who don't want to start with self-custody. And while Polymarket didn't name a specific provider in its public update, it directly linked the cause to a third-party authentication provider and thereby confirmed the key technical dimension of the incident. The update framed the issue around external authentication, but didn't describe any issues in trade execution or the network's core infrastructure. In parallel, the discussion raised the issue of recurrence: users recalled earlier cases where login compromise or social engineering around logins led to losses, and the platform then reviewed incidents at the third-party authentication level.

Get our comprehensive breakdown about Multisig Wallet: What Is Multisig and When It's Worth It?

Conclusion

If Polymarket maintains its stated "no ongoing risk" position and begins contacting impacted users, users and the market will focus on the quality of controls around third-party authentication: how the platform limits the impact of session compromise, how quickly it flags anomalous login patterns, and how it communicates the boundary of responsibility between internal account access and an external authentication provider.

In turn, for users this adds another reason to consider that while self-custody requires additional discipline, it can provide significantly greater control over access and funds. Get more insights from our guides for beginners and professionals, and stay tuned for the latest updates and opportunities in the new economy, crypto industry, and blockchain developments!