South Korea's National Tax Service (NTS) has suffered a major security breach after accidentally exposing the full mnemonic seed phrase of a seized cryptocurrency wallet in an official press release, leading to the loss of approximately $4.8 million in digital assets.
The incident occurred on Thursday, February 27, 2026, when the NTS published materials detailing an enforcement campaign against 124 high-value tax delinquents. The press release included a photograph showing a Ledger cold wallet device alongside a sheet of paper containing the wallet's complete 12 or 24-word recovery phrase, displayed clearly without any blurring or redaction.
Blockchain researchers quickly identified an Ethereum address linked to the leaked seed phrase that held 4 million PRTG (Pre-Retogeum) tokens. On-chain data shows that shortly after the mnemonic was exposed—around early morning on February 27—the entire balance of 4 million PRTG was transferred out in a single transaction to an unidentified wallet. Three inbound transfers totaling 4 million PRTG preceded the outflow.
Associate Professor Jaewoo Cho of Hansung University's Blockchain Research Center confirmed the theft, stating on X: "We have confirmed that 4 million PRTG tokens, worth approximately $4.8 million, were stolen from the mnemonic that was leaked through a press release from the National Tax Service."
Market data reveals significant challenges in liquidating the stolen tokens. PRTG currently trades on just one exchange, MEXC, with only $332 in 24-hour trading volume. The token has a reported market capitalization of about $12 million, meaning the stolen 4 million tokens represent approximately 40% of the total supply. This severely limits the thief's ability to convert the assets to cash at prevailing market prices.
Professor Cho noted that "the actual damage is at a negligible level" due to the liquidity constraints, but criticized the security failure as preventable. He expressed hope the incident would serve as a "blessing in disguise" that pushes Korean public bodies to establish proper virtual asset custody systems.
This is not an isolated incident for South Korean authorities. The NTS leak follows a series of crypto custody failures in recent months. In February 2026, police discovered that 22 Bitcoin (BTC) seized in a 2021 hacking investigation had vanished from a cold wallet stored in a Gangnam police vault, leading to two arrests. Separately, regulators face pressure over Bithumb's recent "fat finger" error that briefly credited users with about $43 billion in non-existent Bitcoin, prompting an extended Financial Services Commission probe.
Security experts universally condemned the NTS's handling of sensitive information. Professor Hwang Seok-jin of Dongguk University emphasized that "photographing and storing a mnemonic code digitally is something that should never be done," stressing that recovery phrases must be recorded on physical media and stored offline.
