Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Justice Dept makes arrests in North Korean identity theft scheme involving thousands of IT workers

The Justice Department has announced three arrests in a complex stolen identity scheme that officials say generates enormous proceeds for the North Korean government, including for its weapons program

Eric Tucker
Thursday 16 May 2024 21:20 BST
North Korea Identity Theft
North Korea Identity Theft (Copyright 2022 The Associated Press. All rights reserved)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Justice Department on Thursday announced the arrests of three people in a complex stolen identity scheme that officials say generates enormous proceeds for the North Korean government, including for its weapons program.

The scheme involves thousands of North Korean information technology workers who prosecutors say are dispatched by the government to live abroad and who rely on the stolen identities of Americas to obtain remote employment at U.S.-based Fortune 500 companies, jobs that give them access to sensitive corporate data and lucrative paychecks.

Officials say the fraud is a way for heavily sanctioned North Korea, which is cut off from the U.S. financial system, to take advantage of a high-tech labor shortage in the U.S. and the proliferation of remote telework.

“More and more often, compliance programs at American companies and organizations are on the front lines of protecting our national security,” Marshall Miller, the Justice Department's principal associate deputy attorney general, said in an interview. "Corporate compliance and national security are now intertwined like never before.”

The Justice Department says the conspiracy has affected more than 300 companies — including a high-end retail chain and “premier Silicon Valley technology company” — and generated more than $6.8 million in revenue for the workers, who are based outside of the U.S., including in China and Russia.

The three people arrested include an Arizona woman, Cristina Marie Chapman, who prosecutors say facilitated the scheme by helping the workers obtain and validate stolen identities, receiving laptops from U.S. companies who thought they were sending the devices to legitimate employees and helping the workers connect remotely to the company.

The other two defendants include a Ukrainian man, Oleksandr Didenko, who prosecutors say created fake accounts at job search platforms and was arrested in Poland last week, and a Vietnamese national, Minh Phuong Vong, who was arrested Thursday in Maryland on charges of fraudulently obtaining a job at a U.S. company that was actually performed by remote workers who posed as him and were based overseas.

It was not immediately clear if any of the three had lawyers.

Separately, the State Department said it was offering a reward for information about certain North Korean IT workers.

The FBI, which conducted the investigations, issued a public service announcement that warned companies about the scheme, encouraging them to implement identity verification standards through the hiring process and to educate human resources staff and hiring managers about the threat.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in