A Hidden Data Center in an American Home Tied to North Korea’s Espionage Machine
In the roaring 1920s, American homes occasionally doubled as secret speakeasies, hiding away illegal booze during the height of Prohibition. A century later, in 2024, one unassuming house in Arizona was hiding something far more sinister: a sophisticated data center, operated on behalf of hackers remotely connected to the North Korean regime. What began as an attempt to secure flexible work to care for an ailing family member ended with a federal prison sentence and exposure of a deeply embedded foreign espionage scheme targeting some of America’s most prominent companies.
Christina Chapman, a 50-year-old Arizona woman, has been sentenced to eight and a half years in federal prison for her role in supporting North Korea’s covert cyber operations. Following her sentence, she will face three years of supervised release and must pay restitution in the hundreds of thousands of dollars—a daunting debt tied to a crime that she, in part, stumbled into out of desperation. Court records reveal Chapman knew her actions could land her in prison, with one of her own chat logs stating: “I can go to federal prison for falsifying federal documents.” Yet desperation for income to support her cancer-stricken mother led her to take a job she would come to regret.
That job placed her at the heart of a North Korean scheme designed to exploit the global shift to remote work. Through widespread identity theft, VPN masking, and proxy access, North Korean IT workers impersonated U.S. citizens and landed remote jobs at over 300 American companies. These weren’t low-level gigs either—prosecutors revealed that the fraudulent workers had secured employment at major corporations across sectors: television networks, tech giants in Silicon Valley, aerospace firms, car manufacturers, and high-end retailers. Some of the compromised companies include household names like Nike.
Chapman’s role was deceptively simple: act as the U.S.-based “middleman.” She accepted job-related laptops and other equipment from American employers, often manually operating the devices in her home or forwarding them to other intermediaries in China, who would eventually route them into North Korea. Her house was transformed into an unregistered data center, with more than 90 laptops running simultaneously on wire shelves when the FBI executed a search warrant. Her involvement, although perhaps initially naive, was no small contribution—it kept the operation functional on U.S. soil.
Investigators from the FBI estimate that this cyber-enabled fraud generated at least $17 million, and may have resulted in the theft of proprietary information, trade secrets, and strategic data. As Ars Technica reports, Chapman’s home became the U.S. foothold in a globally coordinated espionage and fraud campaign—one that underscores North Korea’s evolving cyber tactics. Once known primarily for destructive hacks like the infamous 2014 Sony Pictures attack, North Korea has shifted toward monetized cybercrime, including ransomware and deep-infiltration operations masked by remote employment.
The case also highlights how artificial intelligence tools and generative technologies have enabled North Korean operatives to convincingly fake résumés, credentials, and even entire interviews. That deception allows hostile state actors to embed themselves in critical parts of Western infrastructure without setting foot on American soil.
Before her sentencing, Chapman expressed remorse and gratitude to the very investigators who arrested her. “I had been trying to get away from the guys that I was working with for a while and I wasn’t really sure how to do it,” she wrote to the judge. “While this wasn’t the ideal way to get away from them, it did indeed get me away from them and I am thankful.” Whether that gratitude tempers the full impact of her role remains a question—but the case serves as a potent reminder that even well-meaning individuals can find themselves swept up in international cyber warfare.
