Polymarket suffered a security breach this week after an internal admin wallet was compromised. Blockchain investigator ZachXBT reported that about $520,000 was initially drained from the wallet, though the incident has been widely reported as a $700,000 hit. The prediction market platform confirmed the security event but stressed that user funds were not affected.
How the breach unfolded
ZachXBT flagged the compromise on May 20, noting that the admin wallet had been drained of roughly $520,000 in crypto. The wallet was internal — not a smart contract or user-facing address. Polymarket didn't immediately disclose how the attacker gained access, but the incident appears isolated to that single wallet. The timing isn't great: Polymarket has been riding high on election-year prediction volume.
Polymarket's response
Polymarket confirmed the breach in a brief statement, saying user funds were never at risk. The platform didn't pause withdrawals or halt trading. That's a sharp contrast to some past exchange hacks where customer money got locked up. The company said it's working with security firms to investigate and has rotated internal access credentials.
The $700,000 headline figure
Multiple news outlets initially reported the incident as a $700,000 breach. That number appears to come from the total value of tokens in the compromised wallet before the attack — not what was actually taken. ZachXBT's estimate of $520,000 drained matches on-chain data he posted. The gap suggests some assets in the wallet weren't moved, or the attacker couldn't liquidate everything in time.
For Polymarket users, the bottom line is simple: no one lost money. But the breach does raise questions about internal security controls. Admin wallets are supposed to be locked down tight — multisig, cold storage, air-gapped. If a single key got popped, that's a red flag. Polymarket says it's tightening procedures, but didn't share specifics. Expect more details as the investigation wraps up.
