The Polymarket forecast platform was hacked and discovered on June 25. Hackers stole about $2.94 million from users' accounts. The incident occurred due to third-party service provider compromise, which allowed a malicious script to be implemented in the site front end. According to Specter, the malicious code was used for a phishing attack that wiped out at least 11 wallets. The Polymarket team localized the threat and promised full compensation to those affected.

The break-in was the 89th recorded incident in the second quarter of 2026, making it the most successful quarter-on-quarter attack in crypto history. In June, damage reached $74.9 million (29 cases), exceeding the May figure of $60.5 million but falling short of April’s $644 million. Among the biggest June break-ins were the attack on Humanity Protocol ($36 million), the Secret Network bridge explosion ($4.7 million), two attacks on Aztec ($2.1 million each) and the Taiko Bridge hijacking ($1.7 million). In the last 30 days, the main vectors of attacks were private key theft (43%), fake payment confirmations in P2P protocols (10%) and schemes to cheat MEV bots (8%).

This is not the first incident for Polymarket: a month earlier, the platform lost $600,000 due to a leak of the private key for internal operations. Then, Vice President of Engineering Josh Stevens assured that the contracts and user funds were not damaged. Despite security challenges, the platform’s popularity continues to grow: the total locked-in value at Polymarket exceeded $450 million, up 301% from $112 million last year.