Breaking
ARمقتل 4 أشخاص بينهم مديرة مدرسة بضربة مسيرة إسرائيلية في النبطية الفوقاPLSzczyt NATO w Ankarze: Jedność Sojuszu, wydatki na obronność i wsparcie dla UkrainyARمنتخب مصر يستعد لمواجهة الأرجنتين في دور الـ16BRJuiz de Fora receberá R$ 217 milhões do governo federal para obras em áreas atingidas pelas chuvasINChinese President Xi Jinping Sends Congratulatory Message to US President Donald Trump for Independence DayDEExpertenkommission: Berlin ist nicht ausreichend auf Krisen vorbereitetTRMAKTEK Avrasya 2026: Türkiye'nin Üretim Kapasitesi VurgulanacakDEWissenschaftsrat fordert intellektuelle Souveränität im Umgang mit KI an HochschulenCRYPTO-ENBelgium Regulator Warns Consumers About Six Unlicensed Crypto Service ProvidersRUГлава ОАК: Замена двигателей Sam146 на ПД-8 для SSJ-100 не потребует госсредствARمقتل 4 أشخاص بينهم مديرة مدرسة بضربة مسيرة إسرائيلية في النبطية الفوقاPLSzczyt NATO w Ankarze: Jedność Sojuszu, wydatki na obronność i wsparcie dla UkrainyARمنتخب مصر يستعد لمواجهة الأرجنتين في دور الـ16BRJuiz de Fora receberá R$ 217 milhões do governo federal para obras em áreas atingidas pelas chuvasINChinese President Xi Jinping Sends Congratulatory Message to US President Donald Trump for Independence DayDEExpertenkommission: Berlin ist nicht ausreichend auf Krisen vorbereitetTRMAKTEK Avrasya 2026: Türkiye'nin Üretim Kapasitesi VurgulanacakDEWissenschaftsrat fordert intellektuelle Souveränität im Umgang mit KI an HochschulenCRYPTO-ENBelgium Regulator Warns Consumers About Six Unlicensed Crypto Service ProvidersRUГлава ОАК: Замена двигателей Sam146 на ПД-8 для SSJ-100 не потребует госсредств
Newsgather
BackPolymarket Confirms User Fund Theft After Third-Party Breach
Polymarket Confirms User Fund Theft After Third-Party Breach
Developing
TechCrunch6/25/2026Crime1 min readUnited States

Polymarket Confirms User Fund Theft After Third-Party Breach

Quick Look

  • Prediction market Polymarket confirmed that hackers stole funds from an unspecified number of users following a third-party vendor breach that injected malicious code into its website.
  • The company is contacting affected victims and refunding them in full.
  • Blockchain monitoring firm PeckShield reported a phishing campaign targeting Polymarket users, with approximately $3 million in cryptocurrency stolen from over 11 victims.

AI-generated summary

Why It Matters

Prediction market giant Polymarket confirmed a third-party breach led to hackers stealing funds from users by injecting malicious code into its website. The company has contained the incident and is contacting affected victims for full refunds.

Font size

Prediction market giant Polymarket confirmed that hackers stole funds from an unspecified number of users after a third-party breach.

In an X post on Thursday, Polymarket said that a compromise at a third-party vendor allowed hackers to inject malicious code into its website “for some users.” The company said it has “contained” the incident and is now contacting the affected victims and “refunding them in full.”

As of Thursday afternoon, it’s unclear exactly what happened.

When reached by TechCrunch, Polymarket spokesperson Connor Brandi confirmed that the breach led to users’ funds being stolen but declined to provide more information, and did not respond to specific questions about the incident.

Around the same time as the Polymarket post, blockchain monitoring firm PeckShield reported on X that a phishing campaign was targeting Polymarket users. According to PeckShield, hackers had stolen around $3 million worth of cryptocurrency.

A blockchain analyst also reported similar losses and claimed that the funds were stolen from more than 11 victims.

Polymarket offers users the possibility of being paid in cryptocurrency.

In the last couple of days, two people on social media claimed to have had their Polymarket funds stolen.

What to Watch

AI outlook — possibilities, not facts

  • Polymarket will contact affected victims and issue full refunds.

    Very likely · Within days

Open Questions

  • What is the exact number of affected users?
  • Which specific third-party vendor was compromised?
  • How was the malicious code injected into the website?

Related Topics

This article was originally published by TechCrunch.

Related Stories

More on this topicpolymarket