Korean Tax Authority Accidentally Exposes Wallet Recovery Phrase, Resulting in $4.8M Token Loss
In a major security mishap, South Korea's National Tax Service inadvertently revealed a cryptocurrency wallet's seed phrase in an official document, allowing unknown parties to quickly drain approximately $4.8 million worth of digital assets.
In an embarrassing security lapse on Thursday, South Korea's National Tax Service (NTS) inadvertently published a cryptocurrency wallet's complete seed phrase within an official press release, resulting in the theft of approximately 4 million PRTG (Pre‑Retogeum) tokens valued at around $4.8 million from the compromised address, based on reports from local news outlets.
Based on numerous reports from Korean news sources including Naver, Chosun and additional outlets, the official press release was connected to the National Tax Service's enforcement initiative targeting individuals with outstanding tax obligations and asset confiscations that the agency had executed. The document allegedly featured a photograph displaying a Ledger cold storage wallet alongside a document containing the complete mnemonic recovery phrase visible without any redaction or obfuscation.
Cryptocurrency blockchain analysts subsequently discovered an Ether (ETH) wallet address connected to the compromised phrase that temporarily contained the 4 million PRTG tokens prior to the complete balance being moved to another location.
Blockchain data associated with that particular address reveals three incoming transactions totaling 4 million PRTG, which were then followed by one outgoing transaction moving precisely 4 million PRTG to a different wallet address, aligning with the aforementioned reports.
Jaewoo Cho, an associate professor at Hansung University's Blockchain Research Center who examined the transaction patterns, posted on X on Friday, stating, "We have confirmed that 4 million PRTG tokens, worth approximately $4.8 million, were stolen from the mnemonic that was leaked (disclosed) through a press release from the National Tax Service."
He further stated that, "fortunately, the other exposed mnemonics do not seem likely to cause any major issues," and contended that due to the fact that the compromised tokens were challenging to liquidate, "the actual damage is at a negligible level."
He expressed optimism that the incident would serve as a "blessing in disguise" that would encourage Korean government agencies to establish appropriate virtual asset storage and security protocols.
Crypto custody failures test Korean authorities
This mishap arrives as authorities in South Korea are grappling with yet another cryptocurrency custody controversy. In an unrelated incident, law enforcement officials uncovered in Feb. 2026 that 22 Bitcoin (BTC) confiscated during a 2021 cybercrime investigation had disappeared from a cold storage wallet kept in a secure vault at a Gangnam police facility.
Authorities apprehended two individuals on Thursday following an investigation that revealed the digital coins had been transferred using a mnemonic recovery phrase that law enforcement had never possessed or controlled.
Additionally, financial oversight bodies are facing mounting scrutiny regarding Bithumb's recent 620,000 BTC fat finger promotional mistake, during which the cryptocurrency exchange temporarily allocated users with approximately $43 billion in Bitcoin that did not actually exist, and the Financial Services Commission expanded its investigation following backlash that it had not identified critical system vulnerabilities at an earlier stage.