An inmate at Târgu Jiu Penitentiary, Romania, illegally accessed the national prison computer system, altering sensitive data including inmate sentence lengths and financial accounts.
The incident came to light after the National Union of Penitentiary Police (SNPP) released a statement, prompting official confirmation from the National Penitentiary Administration (ANP) and the Ministry of Justice. An internal investigation is now underway, alongside a criminal probe by prosecutors.
The compromise reportedly began on August 8, when Aurel Z., a 36-year-old inmate serving a nearly 10-year sentence for financial fraud, accessed the system via an info kiosk terminal available to prisoners. Using login credentials linked to a former prison director at Dej Penitentiary Hospital, Aurel Z. gained administrator-level access to the Romanian prison network.
According to the SNPP, the inmate had full access to sensitive applications used nationwide, allowing him to manipulate data for at least 15 inmates. The changes included reducing prison sentence durations (known as “earning days,” which are days of reduced punishment granted to prisoners for work, studies or participation in educational activities); modifying balances in prisoners' personal accounts; deleting purchases to trigger account refunds; and granting access to adult content.
The manipulation was uncovered after an accounting officer noticed discrepancies, including unauthorized purchases exceeding 10,000 lei (~$2,300) and suspicious fund inflows, such as 5 million lei (~$1,145,000) being entered into an inmate’s account, only to be quickly reduced to 5,000 lei.
SNPP representative Florin Șchiopu said Aurel Z. also accessed data related to inmates’ phone numbers, evaluations, disciplinary actions, and personal information such as marital status and religion. The breach is believed to extend beyond Târgu Jiu, with signs of data alterations at Timișoara and Pelendava penitentiaries as well.
The ANP confirmed that multiple user accounts, including at least seven dormant testing accounts, were exploited during the breach.
Despite previous verbal warnings from prison supervisors about suspicious activity, the issue went unaddressed until late September. On September 18, keyboards were removed from inmate-accessible terminals in Târgu Jiu. However, no immediate audits were carried out in other prisons.