Clueless cops post seized crypto wallet password. $5M quickly stolen.

Source: Ars Technica

Background

South Korea’s National Tax Service (NTS) inadvertently posted the password to a seized crypto wallet in a press release, allowing thieves to quickly steal the assets—estimated at around $5 million. Because the release was widely circulated online, the identity of the thief remains unknown.

Potential Suspects

The thief could be anyone who saw the password. Gizmodo suggested that the lack of clear suspects makes recovery difficult, and there is no easy way to claw back the funds.

Police Mistakes

• Failure to redact: The NTS did not remove the mnemonic recovery phrase from the images, effectively leaving the wallet “wide open.”
• Best practices ignored: While the original holder had only a handwritten note of the phrase, the police’s oversight exposed the information online.
• Risk of conversion: The Block noted that moving such a large amount through regulated exchanges would be challenging under current market conditions, likely prompting the thief to stay low and avoid major platforms.

Previous Incidents

• Gwangju (January): Officials investigated the loss of a substantial quantity of seized Bitcoin, which was linked to a phishing attack targeting Coinbase. (The Block report)
• Seoul’s Gangnam district (last month): An internal investigation was launched after 22 seized Bitcoins disappeared from a cold wallet that never left police control, suggesting insecure handling of sensitive information. (The Block report)

These cases illustrate a pattern of crypto custody lapses within South Korean law‑enforcement agencies.

Official Response

In the latest press release, a National Tax Service officer stated that internal controls and job training are being strengthened to prevent future leaks.