South Korea Orders Cross‑Agency Review After Tax Office Accidentally Discloses Crypto Wallet Seed Phrase
Seoul, March 2, 2026 – Deputy Prime Minister and Minister of Economy and Finance Koo Yun‑cheol announced an inter‑agency investigation into the handling of seized digital assets following a mistake by the National Tax Service (NTS) that exposed the recovery phrase of a confiscated hardware wallet. The mishap resulted in the loss of roughly 4 million Pre‑Retogeum (PRTG) tokens, valued at about 6 billion won (≈ $4.8 million).
What happened
In a press release posted on Thursday, the NTS included a photograph of a hardware wallet that unintentionally displayed the full 12‑ or 24‑word seed phrase used to restore the wallet. The seed phrase is effectively a master key; anyone who sees it can gain unrestricted access to the wallet’s contents. Within hours of the image’s publication, unknown actors transferred the seized PRTG tokens to external addresses, depleting the wallet.
Government response
Koo took to the social platform X to outline the next steps. He said the Ministry of Economy and Finance will work together with the Financial Services Commission (FSC) and the Financial Supervisory Service (FSS) to:
- Review the status and management procedures for all digital assets seized from taxpayers who have violated tax or financial regulations.
- Accelerate the implementation of tighter security controls for custodial processes in public institutions.
- Ensure that the state’s holdings of cryptocurrency are limited to assets obtained through law‑enforcement actions, not for any other purpose.
The review is intended to “prevent recurrence” of such security lapses and to address broader concerns about the robustness of South Korea’s public‑sector digital‑asset safeguards.
Wider context
The NTS incident is the latest in a series of custodial missteps that have drawn scrutiny to South Korea’s handling of crypto assets. In 2021, Seoul’s Gangnam police department lost 22 bitcoin after entrusting them to a third‑party custodian during a hacking investigation. Both cases highlight gaps in procedural oversight, staff training, and technical safeguards.
These incidents arrive as the government pushes for a more stringent regulatory framework for virtual assets. Recent amendments to the Virtual Asset Service Provider (VASP) Act and ongoing discussions at the FSC signal a move toward tighter licensing, reporting, and audit requirements for entities dealing with cryptocurrencies.
Analysis
- Regulatory pressure intensifies – The leak adds urgency to the government’s plan to overhaul the oversight architecture for digital assets. Regulators may accelerate the rollout of new guidelines on secure storage, internal controls, and incident reporting for both public bodies and private custodians.
- Public‑sector risk management under the microscope – The episode underscores the need for specialized expertise when handling cryptographic keys. Traditional IT security protocols are insufficient for hardware‑wallet management, prompting calls for dedicated crypto‑security units within ministries.
- Investor confidence could be affected – Although the state’s exposure is limited to assets seized through enforcement actions, the visibility of the mistake may erode confidence among crypto investors who watch regulatory performance closely.
- Potential legal ramifications – Victims of the unauthorized transfer may pursue restitution claims, but the rapid depletion of the tokens complicates recovery efforts. The incident could also trigger civil liability for the NTS if procedural negligence is established.
Key takeaways
- Seed phrase leak: A publicly released image inadvertently revealed the full recovery phrase of a seized hardware wallet, leading to a $4.8 million loss.
- Government action: Deputy Prime Minister Koo ordered a joint review with the FSC and FSS to tighten security and audit all seized digital assets.
- Systemic issues: The incident follows previous custodial failures, highlighting broader weaknesses in South Korea’s public‑sector crypto‑asset management.
- Regulatory momentum: The leak may accelerate ongoing reforms aimed at stricter supervision of virtual assets and custodian responsibilities.
- Implications for stakeholders: Both public institutions and private entities will likely face heightened scrutiny and may need to adopt more robust crypto‑security practices.
The forthcoming review will determine how South Korean authorities adjust their protocols and could serve as a benchmark for other jurisdictions grappling with the secure handling of seized cryptocurrency.
Source: https://cointelegraph.com/news/outh-korea-cross-agency-probe-tax-office-crypto-wallet-leak?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
