Polymarket Internal Wallet Key Compromise Moves $573K

On May 22, 2026, Polymarket confirmed that approximately $573,200 was moved on Polygon after a compromised private key from an internal operational wallet. The incident was first flagged by on-chain investigator ZachXBT, who alerted via Telegram that a Polymarket admin address appeared compromised, estimating over $520,000 withdrawn. Lookonchain later estimated over $660,000 based on Arkham data. Polymarket's Vice President of Engineering, Josh Stevens, stated that no Polymarket or UMA contracts were exploited, user funds remain safe, and the market resolution process was unaffected. The compromised key was six years old and part of an internal top-up configuration. Polymarket collaborated with ZachXBT, BitcoinVN, and ChangeNOW to freeze $164,000 (28.6% of the moved funds). Stevens announced that Polymarket rotated the affected key, revoked associated production access, and will migrate key management to KMS. A scheduled maintenance occurred the same day, pausing trading for 5-10 minutes, but its relation to the incident is unclear. Polymarket has not disclosed how the key was compromised, the wallet's access scope, or whether further recovery is possible. A full postmortem may clarify these details.