Ohi-D'oh! US prison hands inmates' SSNs over to... an identity thief

Convicted fraudster says he was given personal details in records requests

By Shaun Nichols in San Francisco


Prison authorities in Ohio, US, mistakenly provided the social security numbers of thousands of inmates to a man convicted of identity theft.

The Mansfield News Journal says it was directly contacted by Lonny Bristow, who said he was sent the social security numbers of more than 2,000 prisoners when he made a public records request for inmate rosters at the Chillicothe Correctional Institution.

Bristow, whose past convictions included identity theft, making bomb threats, and telephone harassment, was supplied with an unredacted copy of the roster, which included, in addition to SSNs, each inmate's name, date of birth, Bureau of Criminal ID number, release date, and housing assignment.

The former inmate, who served time in state and federal prisons, told the paper he immediately sought to go to the press with the information for fear he would face criminal charges for possessing the numbers.

"I knew I had to turn it into the media," Bristow was quoted as saying. "I actually am truly done with the criminal life. Life's too short. I could've used those Social Security numbers to open a credit card account but I didn't."

The Ohio Department of Rehabilitation and Corrections did not return a Reg request for comment on the matter, but the News Journal reports the department is investigating and is looking to provide identity monitoring services for the inmates.

Ohio is not alone in making embarrassing errors of this sort. In 2013, a clerical foul-up at the UK's Ministry of Justice was blamed when the personal details of the inmate population of a Welsh prison were inadvertently sent out in a mailer to three families. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

NSO Group bloke charged with $50m theft of government malware

Alleged unethical behavior from a grey hat? Who'd a thunk it?

Chinese hotel chain warns of massive customer data theft

130 million could be impacted by Huazhu Group hack

Cisco sneaks hardcoded secret root backdoor into vid surveillance kit

Who watches the watchers? Anybody who has the login

Google Play Store spews malware onto 9 million 'Droids

How did these get through the net?

Snail mail thieves feed international identity theft rings say Oz cops

A little bit of social engineering, a little bit of lax physical security and a whole lot of pain

Bulk surveillance is always bad, say human rights orgs appealing against top Euro court

Liberty and pals seek to prove intrusive spy powers can never be justified

Cash-machine-draining €1bn cybercrime kingpin suspect cuffed by plod

Bod accused of masterminding malware attacks on banks around the world

Nice phone account you have there – shame if something were to happen to it: Samsung fixes ID-theft flaws

If Artem Moskowsky owes you money, it's a good time to ask