South Korea’s National Tax Service has been severely embarrassed by their lack of operational controls, resulting in a loss of public funds. While trying to demonstrate their recent success with the confiscation of digital assets owned by delinquent taxpayers, the National Tax Service accidentally shared the master password for the government-managed digital currency wallet. This careless act allowed some anonymous party to quickly withdraw approximately $4.8 million worth of tokens and raises serious questions about the government’s capacity to securely store seized digital assets.
The Costly Press Release Error
The incident unfolded on Thursday when the tax authority published an official press release to update the public on its enforcement campaigns. Included in the distributed materials was a photograph meant to serve as visual evidence of the seizures. The image showed a Ledger hardware wallet resting next to a sheet of paper. Sadly, the wallet’s full mnemonic seed phrase was stated directly in this document. The mnemonic seed phrase is a string of words that represents a master key to funds. The paper was not blurred and displayed on the internet for anyone to see, giving them complete access to all of the digital assets associated with that wallet.
Swift Action by Blockchain Thieves
Eagle-eyed internet users noticed the mistake very quickly and took advantage of it. Using the leaked recovery phrase, blockchain researchers began tracking the fallout and located a specific digital address associated with the funds. The transparent public ledger shows that the compromised wallet contained approximately 4 million Pre-Retogeum (PRTG) tokens for a brief period. There are records of three deposits into that wallet followed almost immediately by one withdrawal that removed the entire balance to an unidentified third-party wallet.
A Silver Lining in a Bleak Situation
While the headline figure of nearly five million dollars is alarming, local experts suggest the actual economic fallout might be limited. Jaewoo Cho, an associate professor at Hansung University’s Blockchain Research Center, analyzed the flow of the stolen funds. He confirmed the theft but noted that PRTG tokens are notoriously difficult to liquidate in large volumes without crashing the market price. Because cashing out is so challenging, Cho argued that the practical damage is relatively negligible. He expressed hope that this embarrassing episode serves as a wake-up call, forcing public bodies to establish professional-grade custody protocols.
A Growing Trend of Custody Failures
The country is currently grappling with a string of high-profile crypto custody scandals. Just last month, authorities discovered that 22 Bitcoin—seized during a 2021 hacking investigation—had completely vanished from a cold storage device locked inside a secure Gangnam police vault. Investigators recently arrested two suspects after discovering the funds were moved using a seed phrase that the police department never actually secured.
Mounting Pressure on Financial Regulators
The government’s inability to secure digital assets is compounding existing frustrations with the broader financial sector. After a disastrous event of a technical nature at Bithumb, one of the world’s leading cryptocurrency exchanges, there has been a lot of public frustration with regulatory bodies. Recently, they ran an advertising campaign that led customers to getting rich inadvertently by receiving an account balance showing billions of dollars in “fake” bitcoin. Because of this, the Financial Supervisory Commission (FSC) is currently doing an extensive review of this incident. The urgency for instituting quality institutional security standards at both government and private sectors has never been greater because of the repeated instances of loss or mishap such as the one at Bithumb.
