Polymarket Denies Data Breach After Hacker Claims Theft of 300,000 Records Prediction markets platform Polymarket has refuted allegations of a data breach after a hacker, operating under the pseudonym xorcat, posted claims on the dark web that they had stolen over 300,000 records, including 10,000 unique user profiles containing full names, profile images, proxy wallets, and base addresses. The screenshots of the post, shared by cybersecurity firm Vecert Analyzer and dark web monitoring accounts on X (formerly Twitter), surfaced on Tuesday. Polymarket dismissed the claims as "complete and utter nonsense," asserting that the allegedly stolen data was already publicly accessible via its API endpoints and on-chain records. The platform emphasized that its transparency as a blockchain-based service means all data is auditable by design a feature, not a vulnerability. In a follow-up statement, Polymarket mocked the hacker’s attempt to monetize freely available information, questioning whether venture capital funding had backed the stunt. The hacker, however, argued that the data was obtained through undocumented API endpoints, pagination bypasses, and CORS misconfigurations in Polymarket’s Gamma and CLOB APIs. Xorcat also claimed to have breached other prediction markets and threatened to release additional data in the coming days. The motive, according to the hacker, was Polymarket’s lack of a bug bounty program though the platform has had an active program since April 16, receiving 446 reports as of Wednesday. Security experts have cast doubt on the breach claims. Vladimir S, Chief Security Officer at Legalblock, suggested the incident appeared to be a case of parsed public data being misrepresented as a database leak. The incident comes amid a surge in crypto-related exploits, with blockchain security firm Hacken reporting $482 million in losses across 44 Web3 incidents in Q1 2026. Polymarket’s denial highlights the ongoing tension between transparency in decentralized platforms and the risks of data exposure.