Korean Tax Authority Accidentally Hands Hackers 48M in Crypto
South Korean Authorities Accidentally Hand Hackers $4.8M in Crypto
A local report says authorities exposed a wealthy taxpayer’s crypto wallet, ‘Case 3,’ during a February 26 showcase of seized assets, triggering a major leak.
Written By:
Kenrodgers Fabian
Reviewed By:
Dishita Malvania
Last updated: February 27, 2026 6:58 PM
Published February 27, 2026 6:51 PM
Share
Korean Tax Authority Accidentally Hands Hackers $4.8M in Crypto
Key Highlights
South Korea’s tax blunder exposed a crypto wallet code, letting hackers steal $4.8M in hours.
Mnemonic codes act like full access to crypto; sharing them online is like leaving a bank vault open.
Experts warn: Always store crypto recovery keys offline on paper or metal, never online or in photos.
A security blunder hit South Korea as the National Tax Service accidentally exposed a crypto wallet’s recovery key, leading to a $4.8 million theft. The incident happened when the tax authority published a press release photo showing the mnemonic phrase for a seized wallet.
This phrase, essentially the master password for virtual assets, allowed hackers to drain the wallet almost immediately.
According to the Hansung University Blockchain Research Institute, the leak happened on February 26 when authorities showed off seized assets from habitual tax delinquents. One of the wallets belonged to a wealthy taxpayer, referred to as “Case 3.”
Officials displayed USB drives holding the wallet at the taxpayer’s home, but a photo accidentally exposed a Ledger hardware wallet along with its recovery code. Experts say this code, called a mnemonic, is like having your bank account, password, and security card all in one. With it, anyone could access the wallet and transfer all the funds anywhere in the world.
How hackers exploited the leak
Within just a few hours, hackers moved in. Professor Cho Jae-woo said around 4 million PRTG tokens, worth about $4.8 million, disappeared from the wallet in three separate transfers.
On-chain analysis showed the thief first sent a small amount of Ethereum to cover transaction fees, then carefully moved all the tokens to an unknown wallet. Experts cited by the local news outlet describe the incident as a “predictable disaster” caused by basic carelessness in handling digital assets.
Moreover, Professor Hwang Seok-jin of Dongguk University criticized the authorities for ignoring standard crypto security protocols. He stated, “Taking a picture of a mnemonic code and storing it in a gallery, messenger, or cloud is something you should never do.”
He compared it to taking a photo of your bank’s security card—basically handing thieves access. Both professors stressed that mnemonics should be kept offline, written on paper or engraved on metal, and never shared or stored online.
This comes on the heels of another similar case in the country this month, wherein the Gangnam Police Station in the capital city of Seoul confirmed that 22 Bitcoins worth 2.1 billion won ($1.5 million) went missing from its custody.
The Bitcoin was seized during an investigation in 2021, but went missing from the cold wallet without evidence of theft. The discovery was made during an audit nationwide after a similar case was recorded at the Gwangju District Prosecutors’ Office months prior.
This incident shows just how important it is to understand how to handle cryptocurrency safely. Also, the dangers of being careless with sensitive information are shown, which gives one the necessity of being careful with cryptocurrency.
A local report says authorities exposed a wealthy taxpayer’s crypto wallet, ‘Case 3,’ during a February 26 showcase of seized assets, triggering a major leak.
Written By:
Kenrodgers Fabian
Reviewed By:
Dishita Malvania
Last updated: February 27, 2026 6:58 PM
Published February 27, 2026 6:51 PM
Share
Korean Tax Authority Accidentally Hands Hackers $4.8M in Crypto
Key Highlights
South Korea’s tax blunder exposed a crypto wallet code, letting hackers steal $4.8M in hours.
Mnemonic codes act like full access to crypto; sharing them online is like leaving a bank vault open.
Experts warn: Always store crypto recovery keys offline on paper or metal, never online or in photos.
A security blunder hit South Korea as the National Tax Service accidentally exposed a crypto wallet’s recovery key, leading to a $4.8 million theft. The incident happened when the tax authority published a press release photo showing the mnemonic phrase for a seized wallet.
This phrase, essentially the master password for virtual assets, allowed hackers to drain the wallet almost immediately.
According to the Hansung University Blockchain Research Institute, the leak happened on February 26 when authorities showed off seized assets from habitual tax delinquents. One of the wallets belonged to a wealthy taxpayer, referred to as “Case 3.”
Officials displayed USB drives holding the wallet at the taxpayer’s home, but a photo accidentally exposed a Ledger hardware wallet along with its recovery code. Experts say this code, called a mnemonic, is like having your bank account, password, and security card all in one. With it, anyone could access the wallet and transfer all the funds anywhere in the world.
How hackers exploited the leak
Within just a few hours, hackers moved in. Professor Cho Jae-woo said around 4 million PRTG tokens, worth about $4.8 million, disappeared from the wallet in three separate transfers.
On-chain analysis showed the thief first sent a small amount of Ethereum to cover transaction fees, then carefully moved all the tokens to an unknown wallet. Experts cited by the local news outlet describe the incident as a “predictable disaster” caused by basic carelessness in handling digital assets.
Moreover, Professor Hwang Seok-jin of Dongguk University criticized the authorities for ignoring standard crypto security protocols. He stated, “Taking a picture of a mnemonic code and storing it in a gallery, messenger, or cloud is something you should never do.”
He compared it to taking a photo of your bank’s security card—basically handing thieves access. Both professors stressed that mnemonics should be kept offline, written on paper or engraved on metal, and never shared or stored online.
This comes on the heels of another similar case in the country this month, wherein the Gangnam Police Station in the capital city of Seoul confirmed that 22 Bitcoins worth 2.1 billion won ($1.5 million) went missing from its custody.
The Bitcoin was seized during an investigation in 2021, but went missing from the cold wallet without evidence of theft. The discovery was made during an audit nationwide after a similar case was recorded at the Gwangju District Prosecutors’ Office months prior.
This incident shows just how important it is to understand how to handle cryptocurrency safely. Also, the dangers of being careless with sensitive information are shown, which gives one the necessity of being careful with cryptocurrency.
