Polymarket points to third-party login tool after users report account breaches

• Prediction market Polymarket experienced a series of account breaches, with several users reporting missing funds and suspicious login attempts.
• The platform attributed the incident to an unidentified third-party login provider.
• Several users speculated the provider was Magic Labs, a popular tool for email-based logins and wallet creation.
• Polymarket acknowledged the issue, but did not disclose the number of affected users or the amount of money stolen, highlighting the risks of relying on third-party tools in crypto platforms.

Prediction market Polymarket blamed an unidentified third-party login provider for recent account breaches reported by several users.

The platform confirmed the security incident on its Discord channel after users reported missing funds and suspicious login attempts.

Social media posts on Reddit and X show several users received unexpected login alerts and then discovered their balances had been wiped. One user said their account dropped to just one cent despite not having their devices compromised and no other affected services.

Another user on X said they lost around $2,000, despite having two-factor authentication on. A third user said their “top 1000” Polymarket account was drained, while a fourth said a testing account was drained.

While Polymarket didn’t name the provider in question, several users pointed to Magic Labs, which allows email-based logins and automatically creates wallets for users. The tool is popular and allows newcomers who don’t have crypto wallets to easily access one, making it a common entry point to Polymarket and other platforms.

The company acknowledged the issue but did not disclose how many users were affected or the amount of money stolen.

“We recently identified and resolved a security issue affecting a small number of users. The issue was caused by a vulnerability introduced by a third-party authentication provider," a company spokesperson said on Discord. “Polymarket takes security extremely seriously, and the issue has been remediated. There is no ongoing risk at this time, and we will be in contact with impacted users."

Polymarket and Magic Labs did not respond immediately to emails asking for comment.

2025 was defined by a stark divergence: structural progress collided with stagnant price action. Institutional milestones were reached and TVL increased across most major ecosystems, yet the majority of large-cap Layer-1 tokens finished the year with negative or flat returns.

This report analyzes the structural decoupling between network usage and token performance. We examine 10 major blockchain ecosystems, exploring protocol versus application revenues, key ecosystem narratives, mechanics driving institutional adoption, and the trends to watch as we head into 2026.

• The crypto industry saw a record $8.6 billion in mergers and acquisitions in 2025, up from $2.17 billion in 2024, helped by President Trumps embrace of the sector.
• The largest deals of the year included Coinbase's $2.9 billion acquisition of Deribit, Kraken's $1.5 billion purchase of NinjaTrader, and Ripple's $1.25 billion buyout of Hidden Road.
• The surge in M&A activity and public listings, including $14.6 billion raised by 11 crypto firms, was driven in part by a rush for licenses as new compliance rules take hold.

Disclosure & Polices: CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of Bullish (NYSE:BLSH), an institutionally focused global digital asset platform that provides market infrastructure and information services. Bullish owns and invests in digital asset businesses and digital assets and CoinDesk employees, including journalists, may receive Bullish equity-based compensation.