This story is over 5 years old.


Idaho Prisoners Hack Tablets and Steal Nearly a Quarter of a Million Dollars in Credits

More than 300 inmates hacked their tablets to avoid the high cost of cruising the internet while jailed.
Image: JPay

Jail sucks, and inmates are often vulnerable to abuse and exploitation from forces both inside and outside the prison. JPay, for example, offers a clear plastic tablet called the JP5 to inmates who can then use them to watch movies, listen to music, play games, and send emails. But those small freedoms come at a heavy cost. Last year, for instance, inmates in the New York prison system received free tablets only to have the company charge them $.35 to send an email, $9 for 30 minutes of video chat, and overcharge for movies, books, and music.


Typically, a loved one or an associate on the outside deposits money into a prisoner’s JPay account, which they then use as credits to buy JPay’s various price-gouging services. According to the Associated Press, Idaho prison officials discovered earlier this month that a group of 364 inmates figured out how to hack the system to give themselves as many credits as they wanted, avoiding the high cost of using a tablet while incarcerated.

JPay hasn’t revealed how the inmates hacked the system, and a representative from CenturyLink—who partners with JPay to provide basic internet connections to the tablets—told the AP that the inmates got cash by "intentionally exploiting a software vulnerability to increase their JPay account balances." The cost of the individual transactions range from $1,000 to $10,000 in credits and totalted $225,000.

JPay has recovered $65,000 in credits and restricted the inmates tablet privileges until they get the rest back. "JPay is proud to provide services that allow incarcerated individuals to communicate with friends and family, access educational programming, and enjoy positive entertainment options that help prevent behavioral issues,” the company said in a prepared statement to the AP. “This conduct was intentional, not accidental. It required a knowledge of the JPay system and multiple actions by every inmate who exploited the system’s vulnerability to improperly credit their account”