Polymarket Denies Data Breach: 300,000 Records Exposed via Public APIs
A hacker claims to have nabbed 300,000 user records from Polymarket, but the platform says it's just public data. This highlights the risks of relying on easily scraped information for P2P operations.
300,000 RECORDS HIT THE STREETS
A dark web actor is hawking 300,000 Polymarket user records, claiming a massive data breach.
This isn't some sophisticated exploit; it's a hacker leveraging publicly available data from Polymarket's APIs and on-chain history.
The alleged dump includes 10,000 user profiles, 4,111 comments, and over 48,000 markets from their Gamma API, plus 250,000 from their CLOB API. Exploits for CVE-2025-62718 and other vulnerabilities are also on the menu.
For P2P merchants on Binance and Bybit, this is a stark reminder: data scraped from public sources, even from decentralized platforms, can be weaponized. Don't assume anything is truly private if it's accessible via an API.
Expect more actors to weaponize publicly available data, forcing P2P platforms to harden their defenses and merchants to be hyper-vigilant about data sources.