In an unexpected turn of events, a simple document sparked a major security debacle. Recently, South Korea’s National Tax Service (NTS) published a press release intended to showcase its rigorous efforts against tax evasion. Unfortunately, within this release lay a crucial error—a complete seed phrase of a digital wallet was inadvertently exposed to the public.
Within mere hours, a staggering $4.8 million worth of cryptocurrency was siphoned off as a result of this oversight.
The Fallout from a Single Oversight
The press release featured an image revealing a Ledger hardware wallet alongside a handwritten note displaying the full mnemonic phrase, which serves as the fundamental key for accessing a cryptocurrency wallet.
There was no attempt to obscure or protect this sensitive information. As reported by various South Korean media outlets, this action was part of a wider NTS initiative aimed at tracking down tax delinquents. The press release showcased seized digital assets as evidence of the agency’s efforts.
What was intended to signal a strong government stance inadvertently granted malicious actors unfettered access to significant funds.
Experts analyzing the blockchain activity noted three incoming transfers, totaling 4 million PRTG (Pre-Retogeum) tokens, followed by a swift transfer that drained the wallet’s entire balance. The operation was executed seamlessly and efficiently, leading to swift losses.
Expert Opinions on the Implications
Jaewoo Cho, an associate professor at Hansung University’s Blockchain Research Center, confirmed the theft on social media. He highlighted that the exposed mnemonic led to the loss of approximately 4 million tokens valued at about $4.8 million.
In a public statement, I confirmed that 4 million PRTG tokens—approximately $4.8 million—were stolen due to the publicly exposed mnemonic by the NTS. pic.twitter.com/JWnVI5Ua0N
— Jaewoo Cho (@clayop) February 27, 2026
Moreover, Cho examined additional wallets that might have had their seed phrases exposed in the same image and indicated that they did not present a substantial risk. He expressed that since PRTG tokens are challenging to convert to cash, the actual financial impact could be less severe than initially believed. This incident might prompt South Korean authorities to implement better security measures for handling seized digital assets.
As of now, the NTS has yet to comment publicly on the incident.
Recurring Themes of Security Failures in South Korea
This incident highlights broader systemic issues within South Korea’s handling of digital assets. It is not a standalone case; reports emerged earlier indicating that 22 Bitcoin, seized during a 2021 hacking investigation, mysteriously disappeared from a cold wallet stored within a police vault in Gangnam.
Two suspects were apprehended after investigators determined that the missing coins were transferred using a mnemonic phrase that authorities had not secured.
These Bitcoin, currently valued at around $1.4 million, remain unaccounted for.
Featured image from Unsplash, chart from TradingView
