Meet the Top 101 in Crypto
News
4 min read

Polymarket Users Report Drained Accounts, Hack or Security Issue?

Published 24 December 2025
Prashant Jha
Authors
Edited by Insha Zia

Key Takeaways

  • Polymarket confirmed unauthorized account drains caused by a vulnerability in a third-party authentication provider.
  • The issue primarily affected users who logged in via email-based wallet services, while Polymarket’s core protocol remained secure.
  • The vulnerability has been fixed, and the platform says there is no ongoing risk to users.

In the days leading up to Christmas, several Polymarket users logged in to an unwelcome surprise: their account balances had vanished.

On Dec. 24, Polymarket confirmed that a limited number of user accounts were drained after attackers exploited a security flaw in a third-party authentication service used by the platform.

While the incident did not compromise Polymarket’s core infrastructure, it reignited broader concerns about the risks introduced by external login and wallet providers in Web3.

Earn Crypto with These Top Mining Apps
Sponsored
Disclosure
Opened in 2009
Promotions
Earn a commission on your referral’s transactions.
Coins
Bitcoin Bitcoin Cash Ravencoin Zcash Ethereum Classic +6
Opened in 2019
Promotions
Sign up, verify, deposit 100 USDT, get 100 USDT bonus
Coins
Bitcoin Bitcoin Cash Litecoin Ethereum Classic Zcash +2
Show More

What Happened?

According to Polymarket, the issue stemmed from a vulnerability in an external authentication system used by some users to access their accounts via email-based logins.

Although Polymarket did not publicly name the provider, user reports across X, Reddit, and Discord suggest that Magic Labs—commonly used for email-based, non-custodial wallet access—may have been involved.

The flaw allowed unauthorized access to certain accounts, enabling attackers to drain USDC balances without user approval.

Polymarket said the vulnerability has since been resolved and emphasized that there is no ongoing risk to users.

Importantly, the company stated that its underlying smart contracts and prediction market protocol were not affected.

The incident was isolated to authentication, not settlement or market mechanics.

Polymarket has not disclosed how many users were impacted or the total value of funds lost, nor has it announced whether compensation will be offered.

The platform said it is able to directly contact affected users.

How Polymarket Users First Noticed

Early warnings began circulating between Dec. 22 and 23, when users reported unusual login notifications followed by sudden balance losses.

Some flagged abnormal access attempts tied to email-based logins, while others shared screenshots showing accounts wiped within minutes.

A recurring theme across reports was that affected users had relied on “magic link” or email-based authentication rather than connecting wallets directly.

The speed and consistency of the drains led many users to suspect a systemic issue rather than isolated phishing attempts—an assessment Polymarket later confirmed.

A Familiar Risk in Web3

While alarming, the incident reflects a well-known tension in crypto platforms: convenience versus security.

Third-party authentication services make onboarding easier, especially for users unfamiliar with wallets and private keys.

But they also introduce supply-chain risk, where vulnerabilities outside a platform’s direct control can expose users to losses.

This was not Polymarket’s first brush with security concerns.

In November 2025, a phishing campaign exploited the platform’s comment sections, resulting in more than $500,000 in reported user losses.

That incident, however, relied on social engineering rather than technical flaws.

The latest breach appears distinct, rooted in authentication bypass rather than user error.

What It Means Going Forward for Polymarket

Polymarket characterized the incident as affecting a “small number” of users, though discussion across social media suggests wider unease among its user base.

While such events rarely derail major platforms on their own, they underscore a recurring lesson in crypto: even when core protocols are sound, integrations can become points of failure.

For users, the episode may prompt renewed caution around email-based logins and custodial conveniences. For platforms, it reinforces the challenge of balancing accessibility with the uncompromising security expectations of decentralized finance.

As Polymarket works to reassure users and tighten safeguards, the incident adds to a growing list of reminders that in Web3, trust often hinges on the weakest link—not the strongest one.

Prashant Jha

Prashant Jha is a seasoned crypto journalist based in Delhi, India, with a Bachelor’s Degree in Computer Science Engineering. Passionate about the evolving world of blockchain and cryptocurrencies, he has been a dedicated voice in the industry since 2018. Prashant’s expertise lies in regulatory reporting, where he unravels complex legal and financial developments with clarity and precision. Before joining CCN in 2024, he honed his craft at Cointelegraph, establishing himself as a trusted name in crypto journalism.

His coverage spans major industry events, including the high-profile collapses of FTX, Three Arrows Capital (3AC), and LUNA, offering readers insightful analyses of their regulatory and market implications. Prashant’s technical background enables him to bridge the gap between intricate blockchain technology and its real-world applications, making his work accessible to novices and experts.

Beyond his professional pursuits, Prashant is an avid music enthusiast, often exploring diverse genres to unwind. A sports lover, he has a particular passion for cricket and frequently engages in discussions about the game. His multifaceted interests and sharp journalistic instincts make him a valuable contributor to CCN, where he continues shaping the crypto landscape's narrative.

Related

Survey Icon
Help us improve
1 of 4
Is this your first time here?
What brought you here today?
What are you most interested in?
Would you be interested in:
Thank you icon
Thank you for your feedback!
DMCA.com Protection Status