364 inmates in Idaho collectively stole $225,000, the use of tablet computers and software vulnerability, the officials said.
Tablet-computers and software vulnerability were enough to help 364 inmates in Idaho collectively steal $225,000.
According to the Idaho Department of Correction, the prisoners were caught, earlier this month, taking advantage of a vulnerability in their prison-issued tablets, which allowed them to manipulate the digital credits that they used to buy games and music.
The tablets were issued by JPay, which specialises in the provision of an online system for inmates. The on board services of the tablets can let prisoners read and write e-mails, viewing educational materials, and access to entertainment.
More From PCmag
Panasonic Toughbook Phone, Tablet Can Survive Your Work Day
Dashlane Password Manager Adds VPN, Dark Web Monitoring
Telegram Wants to Save Your Real-World ID. Uh, No, Thanks
Has Slack Really Won the Office-Chat War? Hell, No!
But apparently, the JPay system also contained a security vulnerability with account credit amounts, that the prisoners in five Idaho penitentiary establishments decided to make a hack. “Fifty prisoners credited their accounts in amounts of more than $1000. The highest amount will be credited by a single prisoner was $9,990.35,” Jeff Ray, spokesman for the Idaho Department of Correction, said in an e-mail.
“This behavior is by design, not by chance,” he added. “It requires a knowledge of the JPay system and multiple actions by one prisoner that the use of the system make it vulnerable to wrong credit in their account.”
CenturyLink, which operates JPay, refused to disclose how the software is violated, but the vulnerability is resolved, it said. The $225,000 was stolen from the JPay system and was not taxpayer dollars.
So far, only $ 65,000 of the stolen credits is restored. As a punishment, Idaho correctional facilities have suspended the prisoners’ ability to download more music and games, until they refund JPay. The prisoners are also facing a further disciplinary measures that may reclassify the severity of their authority level.
This article originally appeared on PCMag.com.