Polymarket: Has rotated keys and revoked all production environment permissions; plans to migrate private keys to a key management service going forward.

Josh, a Polymarket representative, stated that neither Polymarket nor UMA contracts were exploited, all user funds remain secure, usage of Polymarket.com is unaffected, and platform operations continue as normal. He added that the incident stemmed from the leakage of a six-year-old private key used for internal deposit configurations, which led to funds being sent to the associated address. Polymarket has since rotated this private key, revoked all production environment permissions, and will migrate all private keys to the KMS key management system.