Loss of Privacy

While still incarcerated, Francis “Frank” Janosko hacked into the prison system’s computer that had been provided for inmates to perform legal research. He obtained sensitive information on prison employees, including their dates of birth, Social Security Numbers, telephone numbers, home addresses and employment records.

The computer he used was a so-called thin client computer that simply connected to another machine on the network and did not store any data itself, prosecutors said in Janosko’s indictment. The only program it was supposed to run was the prison’s legal research application.

However, Janosko found a way of “exploiting an idiosyncrasy in the legal research software” so he could access other programs via the terminal. He even found a way of downloading Internet video, prosecutors said.

Janosko plead guilty, will serve 18 months in prison, followed by three years supervision, which includes a prohibition of computers.

In the world of “how the hell is this possible?” an inmate in the New Hampshire Department of Corrections was caught with detailed information on every employee within the entire state system.

Officials believe the list, which dated from March 2008, came from the recently closed Laconia prison and was at a Concord prison warehouse to be shredded, according to an e-mail sent to prison employees. The inmate worked at the prison warehouse, Lyons said; it is not yet known what, if anything, he did with the list or how long he had it.

The list was produced for the human resources office, Lyons said. The list, Lyons said, did not include other personal information, such as phone numbers, addresses or family details.

According to an e-mail sent to corrections employees by corrections Capt. Jon Fouts, officials believe the “inmate had the document for less than one day and did not have the opportunity to do anything with it.” Fouts wrote that he had suspended the “shredding operation” at the warehouse and officials were now looking into “what we need to do to use a shredding service to destroy all documents like this in the future.”

“It is very shocking to find out that inmates have corrections employees’ information, and it’s very concerning and very alarming,” said Smith, a corrections officer himself. He said he wondered if “shortstaffing and budget woes” were the root causes.

Yes, it’s very concerning and alarming and hiding behind the excuse of short staff is reprehensible.  Prisoners, even those in minimum security prisons, should never be allowed to be anywhere near sensitive and private information.

Aside from this fact, the prison guards also failed to check the prison guards when they left the warehouse.  Apparently, inmates aren’t checked before they leave the warehouse or after they get back to their cells and the guards are sick of supervisors downgrading infractions by the inmates.

As usual, those in charge are busy with ass covering instead taking the blame for not having any policy in place for such an event.