TL;DR:
- South Korea’s National Tax Service leaked a seed phrase in a press release; 4 million PRTG worth $4.8 million were drained.
- On-chain data showed three inbound transfers then one outbound; Jaewoo Cho said other exposed mnemonics may not cause major issues and cashing out looks hard.
- The report set it beside other custody failures, including 22 BTC missing from a police vault and a promotion error under review.
South Korea’s National Tax Service triggered a fresh custody scare after it accidentally disclosed a crypto wallet seed phrase in an official press release. A seed phrase leak turns enforcement into exposure as tokens worth about $4.8 million were quickly drained. The release, tied to an enforcement campaign against tax delinquents and seizures, reportedly showed a Ledger device and a sheet of paper with the full mnemonic phrase left unmasked. Investigators linked the leak to 4 million PRTG tokens, which briefly sat at the exposed address before moving out, in plain public view online.
How the disclosure translated into an on-chain drain
On-chain traces made the drain undeniable as blockchain researchers mapped the flows, finding an Ether address tied to the leaked phrase that received three inbound transfers totaling 4 million PRTG, then sent exactly 4 million PRTG out in a single outbound transfer. Hansung University blockchain researcher Jaewoo Cho said analysis confirmed the theft from the mnemonic disclosed through the tax office press release. He added that other exposed mnemonics did not appear likely to cause major issues and argued cashing out the stolen tokens would be difficult, making the practical damage negligible to observers.
The episode underlines a basic rule of self-custody: a mnemonic phrase is a master key, so publishing it effectively hands control to anyone watching. The report placed the incident inside a pattern that suggests custody gaps are becoming systemic across public sector handlers. In a separate case, police discovered in February 2026 that 22 BTC seized during a 2021 hacking investigation had vanished from a cold wallet stored in a Gangnam police vault. Investigators arrested two suspects after concluding the coins moved using a mnemonic phrase police never controlled. That detail raises oversight alarms.
Pressure is also building on market infrastructure. The report noted criticism around a recent promotion error at Bithumb that briefly credited users with about $43 billion in non-existent Bitcoin, prompting the Financial Services Commission to extend its probe after allegations it missed systems flaws. While distinct from the tax office leak, both episodes point to a common control problem where trust fails when processes are improvisational and secrets are mishandled. For public bodies, the lesson is operational governance, not slogans, including segregated access, redaction discipline, and auditable custody procedures treated like critical financial plumbing.
