Justice Dept makes arrests in North Korean identity theft scheme involving thousands of IT workers
For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails
Sign up to our free breaking news emails
The Justice Department on Thursday announced the arrests of three people in a complex stolen identity scheme that officials say generates enormous proceeds for the North Korean government, including for its weapons program.
The scheme involves thousands of North Korean information technology workers who prosecutors say are dispatched by the government to live abroad and who rely on the stolen identities of Americas to obtain remote employment at U.S.-based Fortune 500 companies, jobs that give them access to sensitive corporate data and lucrative paychecks.
Officials say the fraud is a way for heavily sanctioned North Korea, which is cut off from the U.S. financial system, to take advantage of a high-tech labor shortage in the U.S. and the proliferation of remote telework.
“More and more often, compliance programs at American companies and organizations are on the front lines of protecting our national security,” Marshall Miller, the Justice Department’s principal associate deputy attorney general, said in an interview. „Corporate compliance and national security are now intertwined like never before.”
The Justice Department says the conspiracy has affected more than 300 companies — including a high-end retail chain and “premier Silicon Valley technology company” — and generated more than $6.8 million in revenue for the workers, who are based outside of the U.S., including in China and Russia.
The three people arrested include an Arizona woman, Cristina Marie Chapman, who prosecutors say facilitated the scheme by helping the workers obtain and validate stolen identities, receiving laptops from U.S. companies who thought they were sending the devices to legitimate employees and helping the workers connect remotely to the company.
The other two defendants include a Ukrainian man, Oleksandr Didenko, who prosecutors say created fake accounts at job search platforms and was arrested in Poland last week, and a Vietnamese national, Minh Phuong Vong, who was arrested Thursday in Maryland on charges of fraudulently obtaining a job at a U.S. company that was actually performed by remote workers who posed as him and were based overseas.
It was not immediately clear if any of the three had lawyers.
Separately, the State Department said it was offering a reward for information about certain North Korean IT workers.
The FBI, which conducted the investigations, issued a public service announcement that warned companies about the scheme, encouraging them to implement identity verification standards through the hiring process and to educate human resources staff and hiring managers about the threat.