North Koreans stole Americans' identities and took remote-work tech jobs at Fortune 500 companies, DOJ says

🌈 Abstract

The article discusses a complex stolen identity scheme involving North Korean IT workers who use the stolen identities of Americans to obtain remote employment at U.S. companies, generating revenue for the North Korean government, including for its weapons program.

🙋 Q&A

[01] Overview of the Stolen Identity Scheme

1. What is the nature of the stolen identity scheme involving North Korean IT workers?

• The scheme involves thousands of North Korean IT workers who are dispatched by the North Korean government to live abroad and use stolen identities of Americans to obtain remote employment at U.S.-based Fortune 500 companies.
• This allows the heavily sanctioned North Korea, which is cut off from the U.S. financial system, to take advantage of the high-tech labor shortage in the U.S. and the proliferation of remote work to generate revenue, including for its weapons program.

2. How does the scheme operate?

• The North Korean IT workers use the stolen identities to obtain remote jobs at U.S. companies, giving them access to sensitive corporate data and lucrative paychecks.
• An Arizona woman, Christina Marie Chapman, facilitated the scheme by helping the workers obtain and validate stolen identities, receiving laptops from U.S. companies, and connecting the overseas workers remotely to company networks.
• Chapman ran "laptop farms" where U.S. companies sent computers and paychecks to IT workers they did not realize were overseas.

3. What is the scale and impact of the scheme?

• The scheme has affected more than 300 companies, including a high-end retail chain and a "premier Silicon Valley technology company", and generated more than $6.8 million in revenue for the workers.

[02] Law Enforcement Response

1. What is the Justice Department's strategy in addressing this scheme?

• The Justice Department is not only prosecuting individuals who enable the fraud, but also building partnerships with other countries and warning private-sector companies to be vigilant about the people they hire.

2. What actions have been taken by law enforcement?

• The Justice Department announced the arrests of three people involved in the scheme, including the Arizona woman, Christina Marie Chapman, who facilitated the scheme.
• The State Department is offering a reward for information about certain North Korean IT workers who were assisted by Chapman.
• The FBI issued a public service announcement warning companies about the scheme and encouraging them to implement identity verification standards and educate HR staff about the threat.