Polymarket has confirmed a recent security incident that resulted in unauthorised access to a limited number of user accounts.
The decentralised prediction market said the breach was caused by a vulnerability in an external authentication service rather than its core systems.
User complaints surfaced on platforms such as X and Reddit, detailing unexpected login alerts and sudden fund losses.
One Reddit user said they woke up to multiple login attempts despite no signs of compromise across their device or other accounts.
The user reported that all open Polymarket positions were liquidated without authorisation.
According to the post, the affected account balance was reduced to just $0.01.
Other users shared similar experiences involving repeated login notifications followed by full wallet drains.
Several victims stated they had avoided suspicious links and had not shared credentials.
Users also noted that two-factor authentication was enabled on their email accounts at the time.
These reports suggested that the breach bypassed common security protections.