Original URL: http://www.theregister.co.uk/2009/12/24/inmate_prison_hack/

Inmate gets 18 months for thin client prison hack

HR network jailbreak

By Dan Goodin

Posted in Security, 24th December 2009 18:57 GMT

A former prison inmate has been ordered to serve 18 months for hacking the facility's computer network, stealing personal details of more than 1,100 of its employees and making them available to other inmates.

Francis G. Janosko, 44, received the sentence earlier this week in federal court in Boston after pleading guilty to the hacking offenses in September.

In 2006, Janosko hacked a thin client that was connected to a prison server to access the employee database for the Plymouth County Correctional Facility in Massachusetts, prosecutors alleged. After obtaining the names, addresses, dates of birth, social security numbers and telephone numbers of the employees, he made them accessible to other inmates.

Although the machine was configured only to run a legal research program, the prisoner managed to use it to get free rein over a variety of unauthorized services. In addition to the employee database, Janosko was also able to access the internet to download videos and photographs of prison employees, inmates and aerial shots of the prison, according to court papers. The hacking took place between October 2006 and February 2007.

Janosko was imprisoned in 2006 for a parole violation following a conviction on child pornography charges. He was convicted of harassing an underage girl and taking pictures of her in a public library the year before. ®