Christina Marie Chapman, a 50-year-old Arizona woman, has been sentenced to federal prison for an extensive scheme that enabled North Korean technology workers to infiltrate U.S. companies under stolen American identities. The Department of Justice (DOJ) revealed that Chapman’s actions facilitated nearly 300 American companies by allowing North Korean IT employees to work remotely under fraudulent credentials. The scheme, which spanned from 2020 to 2023, resulted in the theft of 68 American identities and over $17 million in illicit funds for the North Korean government. The DOJ alleges that Chapman hosted the stolen devices in her home, which were later seized during a search conducted in 2023. The operation not only defrauded American businesses but also raised serious national security concerns due to its potential impact on sensitive technological infrastructure.
In furtherance of the scheme, Chapman received and hosted laptops in her home from the companies she defrauded, which included a Fortune 500 company, a major TV network, and a Silicon Valley tech firm. Those companies believed they had hired the Americans whose identities were stolen, but in reality, the workers were North Koreans barred from working in the U.S. The DOJ reported that Chapman shipped 49 devices to a Chinese city that borders North Korea, which suggests a broader network of collusion with foreign entities. Over 90 laptops were recovered from her home during the execution of a search warrant in 2023. The scheme’s impact extended beyond individual companies, with the DOJ highlighting its potential to threaten the security of financial institutions and the nation’s technological landscape.
Chapman pleaded guilty in February to conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to launder monetary instruments. Her sentence includes a prison term of 102 months, along with the requirement to forfeit $284,556 intended for North Korean agents and pay a judgment of $176,850. The DOJ emphasized the gravity of the case, stating that North Korea’s actions pose a significant threat to American corporations and financial institutions. U.S. Attorney Jeanine Ferris Pirro condemned the scheme, noting that North Korea’s fraud on American citizens and companies represents an ‘enemy within,’ underscoring the nation’s vulnerability to such cybercrime networks. FBI Assistant Director Roman Rozhavsky reiterated the risks, highlighting the potential for North Korean operatives to compromise sensitive national security technologies through the exploitation of willing U.S. citizens.
Law enforcement officials emphasized the importance of holding individuals accountable for enabling foreign state-sponsored cyber activities. The case serves as a cautionary tale about the potential for individuals to engage in activities that jeopardize the economic and national security interests of the United States. The DOJ’s actions in this case underscore the government’s commitment to protecting its critical infrastructure against cyber threats, particularly those originating from adversarial states. The prosecution of Chapman is part of a broader effort to dismantle networks that facilitate such sophisticated cybercrime operations, which often have severe implications for both national security and economic stability.