Polymarket Rejects Hacker Claims, Says Data Is Publicly Accessible
Polymarket denies a data breach, stating hacker-claimed private user data is publicly available.Summary
Prediction markets platform Polymarket has refuted claims of a customer data breach made by a hacker on the dark web. The hacker, using the pseudonym "xorcat," claimed to have stolen over 300,000 records, including user profiles, images, and wallet addresses. Polymarket has described these claims as "complete and utter nonsense," asserting that the information is publicly accessible through their API endpoints and on-chain data, which they offer to developers for free. The platform highlighted that being on-chain means data is publicly auditable, a feature, not a bug, and no data was leaked. While the hacker alleged data was obtained via undocumented API endpoints and misconfigurations, security experts have expressed skepticism, suggesting the data may have been parsed from public sources. Polymarket also noted it has a live bug bounty program, contrary to the hacker's assertion.
(Source:Cointelegraph)