Polymarket states the referenced onchain market data is publicly auditable and accessible through a public API, responding after Dark Web Informer said more than 300,000 records and an exploit toolkit were posted on a cybercrime forum.
Polymarket responded to claims of a data leak by saying the onchain data cited in the alleged breach is publicly auditable and available for free through its public API. The statement followed a post by Dark Web Informer on X saying that more than 300,000 records and an exploit toolkit had been posted on a cybercrime forum on April 29. Earlier allegations said the exposed material included around 10,000 KYC files, 41,000 comments, and 250,000 active CLOB markets, and that the data was extracted using undocumented API endpoints, a pagination bypass, and a CORS misconfiguration. Based on the provided information, Polymarket has challenged the characterization of at least part of the alleged leak, but the full scope of any exposure remains unverified.