An Arizona woman has been sentenced to 8.5 years (102 months) in prison for her role in a fraud scheme that helped North Korean hackers obtain remote jobs at U.S. companies and steal $17 million using stolen identities.
Christina Marie Chapman, a resident of Arizona, played a key part in enabling North Korean IT specialists—posing as U.S. citizens—to secure remote positions at more than 300 American companies, including several Fortune 500 corporations. Her sentence was handed down in a federal court in the District of Columbia. Additionally, Chapman was ordered to pay $176,850 in restitution and to forfeit more than $284,000—funds intended for transfer to her North Korean collaborators.
According to the case, North Korean IT specialists obtained remote work in the U.S. by using stolen or falsified personal data of Americans. Chapman provided them with physical devices such as company computers, which she either stored at her home or sent to locations in China near the North Korean border.
Her residence became a "laptop farm," storing over 90 devices clearly labeled with their associated companies and the identities under which they were used.
In April, experts from Google’s Threat Intelligence Group reported that alleged North Korean IT specialists were also involved in operations across multiple European countries.
“Chapman made a fatal bet: short-term gain at the expense of harm to U.S. citizens and the benefit of a foreign adversary has serious consequences,” said acting Assistant Attorney General Matthew Galeotti.
North Korean IT workers even applied for jobs at U.S. government agencies, though most attempts failed. However, they managed to secure positions at leading U.S. media, automotive, aviation, technology, and retail companies.
“North Korea is not just a threat from afar. It is a threat from within. It is an enemy that is defrauding American citizens, businesses, and banks,” stated U.S. Attorney for the District of Columbia Jeanine Pirro.
Chapman not only organized access to corporate systems but also funneled salaries of fake IT workers through her own accounts, forging checks using stolen identities.
The case was investigated by the Federal Bureau of Investigation (FBI) and the Internal Revenue Service (IRS), particularly their Phoenix and Chicago field offices.
“Today’s conviction demonstrates that even a scheme as complex as the one that supports North Korea’s nuclear program cannot be accomplished without the involvement of U.S. citizens,” said an FBI spokesperson.
