South Korean Police Lose $5 Million in Seized Cryptocurrency Due to Security Blunder

In a significant security lapse, South Korean police inadvertently lost $5.6 million worth of seized cryptocurrency after mistakenly posting sensitive information online. The incident occurred when the police published a press release detailing the seizure of cryptocurrency from 124 wealthy tax evaders. Unfortunately, the release included images that revealed a mnemonic recovery phrase, essential for accessing the crypto wallet, allowing a thief to steal the assets.

The images, intended to make the press release more engaging, showed a handwritten note next to a Ledger device, a type of cold wallet used to store cryptocurrency securely offline. The note contained the recovery phrase, which acts as a master key to transfer assets without needing additional permissions. This oversight led to the theft of 4 million PRTG tokens, valued at approximately $4.8 million, as reported by blockchain analysis expert Cho Jae-woo.

Following the incident, South Korea’s National Tax Service issued an apology, acknowledging the error and the lack of excuse for the oversight. They announced an investigation in collaboration with national police to trace the stolen funds and attempt recovery. However, the widespread circulation of the press release online complicates the identification of the thief, who remains unknown.

The thief’s ability to convert the stolen tokens into cash is uncertain, as doing so through regulated exchanges could expose their identity. Current market conditions might also hinder the conversion of such a large amount of cryptocurrency. Cho criticized the police for their negligence, comparing the exposure of the recovery phrase to leaving a wallet open, and noted that the original holder of the wallet had followed best practices by keeping the phrase offline.

This incident is not isolated, as it follows a series of crypto custody lapses by South Korean authorities. In January, officials in Gwangju lost a substantial amount of seized bitcoin, believed to be linked to a phishing attack. More recently, police in Seoul’s Gangnam district investigated the disappearance of 22 seized bitcoins, suggesting ongoing issues with securely handling sensitive information.

In response to the latest breach, the National Tax Service has committed to strengthening internal controls and improving job training to prevent future incidents. This incident highlights the challenges authorities face in managing digital assets securely and the potential consequences of lapses in security protocols.