Arizona Woman Accused Of Stealing Identities To Help North Koreans Get Remote IT Jobs At 300 US Companies

An Arizona woman is accused of working with people connected to the North Korean government to unlawfully obtain remote telework positions with American companies. 

According to charging documents released on Thursday, the woman identified as, Christina Chapman allegedly conspired with North Korean IT workers, Jiho Han, Chunji Jin, Haoran Xu, and others, in a scheme aimed at stealing the identities of US citizens to secure employment at US corporations under false pretences.

The allegations suggest that Chapman and her co-conspirators utilised the identities of more than 60 individuals residing in the US, resulting in nearly $7 million in earnings for the North Korean government from over 300 American companies. Among the affected companies were prominent Fortune 500 corporations, including a major TV network, a defence company, and an automotive manufacturer.

Investigators claim that Chapman went to great lengths to perpetrate the scheme, even utilising laptop computers issued to her co-conspirators under false identities to create the illusion that they were working within the US. She allegedly facilitated the laundering of their salaries and attempted to secure positions for some workers within US government agencies, including the Government Services Administration, through a fraudulent operation dubbed a "laptop farm."

Han, Jin, and Xu, identified as affiliates of North Korea's Munitions Industry Department, allegedly collaborated with Chapman in laundering the illicit funds back to North Korea. Chapman was arrested in Phoenix on Thursday.

Nicole M. Argentieri, head of the Justice Department's Criminal Division, issued a statement emphasising the gravity of the charges, warning American companies and government agencies about the risks associated with employing remote IT workers. The scheme not only enriched the North Korean government but also potentially compromised sensitive information belonging to the victimised companies.

The indictment details how the group contacted Chapman via LinkedIn in March 2020, initiating a process that involved storing resumes and targeting specific American citizens for identity theft through an online background check system.

Also, it was later revealed that the scheme required foreign workers to fabricate personas and online profiles matching job requirements, submitting counterfeit documents to the Department of Homeland Security for employment eligibility checks.

Messages exchanged between Chapman and her co-conspirators allegedly discuss the transfer of earnings from these illicit jobs. The charges against Chapman were announced concurrently with a criminal complaint filed against a Ukrainian individual implicated in a similar scheme involving the marketing of North Korean individuals as remote IT workers.