A serious mishap by the South Korean National Tax Service (NTS) has led to the theft and loss of 6.9 billion won in PRTG tokens. The police had accidentally released the mnemonic code tied to the crypto assets taken into custody from a high-value trader, as part of the raid on tax evaders.
This serious oversight from the side of the public authority has sparked debate on the safety of one’s assets when seized by public institutions. The incident has placed the NTS on the receiving end of widespread criticism, urging immediate review of its security protocols.
Press Release Exposes Sensitive Passcodes
During a press release on Thursday, the NTS stated that they had confiscated 4 Cold Wallet devices from tax evaders. This happened as part of the tax enforcement actions carried out by the NTS against 124 high-value tax evaders, during which a total of 8.1 billion won was confiscated.
However, the mission backfired as the press release, which included photographs of the Ledger hardware wallets taken into custody, also exposed handwritten notes that displayed the wallet seed phrases – codes that grant access to the cold wallets.
The leak of the mnemonic codes through these high-resolution photos made it significantly easier to access the heavily-secure cryptocurrency, as such keys grant access to the asset without the necessity of its physical presence.
NTS’s slip-up has tarnished the image of public institutions and the level of security and care they provide to confiscated private property. Similar situations have been observed in the past, with negligence from public authorities putting sensitive private data at risk. The current scenario has triggered the very same discourse, causing serious public scrutiny and negative backlash against the NTS and other related institutions.
Possible Suspect Identified: Can Lost Crypto Be Retrieved?
Out of the total tokens confiscated, 4 million PRTG tokens, worth about 6.9 billion won, were stolen.
The Korean National Police Agency’s Cyber Terror Response Division received a complaint on Saturday from an unidentified individual claiming to have accessed the cryptocurrency using the code, “out of pure curiosity”, and also claims to have returned it the next day. However, officials have yet to confirm if the asset has been completely returned.
A second theft happened later that day as another thief exploited the exposed passcode, after the previous person’s confession and the return of the stolen goods.
Cryptocurrency does not provide any means of retrieving lost currency, as it lacks a central authority, making the theft a loss that the NTS will find hard to recover from.
Legal Consequences for NTS
The National Tax Service posted on social media earlier today, admitting its fault and promising stronger departmental monitoring over the issue, as well as for future scenarios. The post acknowledged exposing sensitive virtual asset information to the general public without proper caution. It assured further care from the government and public institutions to prevent recurrence.
Deputy Prime Minister and Finance Minister Koo Yun-cheol stressed the need for tighter security regarding such cases in the near future, as posted on X: “The government will inspect the status and management of digital assets held by government and public institutions through seizure from delinquents, in coordination with the Financial Services Commission and Financial Supervisory Service.”
Bottom Line
The South Korean National Tax Service (NTS) suffered a catastrophic security breach after accidentally publishing the mnemonic seed phrases of seized Ledger hardware wallets in a high-resolution press release photo. This oversight allowed two separate individuals to drain 6.9 billion won ($5.2 million) in PRTG tokens.
The incident has triggered a national scandal, forcing the Ministry of Finance to overhaul security protocols for seized digital assets and highlighting the irreversible risks of mishandling private keys within public institutions.
