Janosko found "a previously unknown idiosyncrasy" in the legal research software that essentially allowed him to break through all of the controls that had been put in place, the indictment claims. It adds that over a four-month period starting in October 2006, he exploited the vulnerability and reconfigured the computer network so that he and other inmates had access to multiple applications and computing services.

For instance, Janosko provided himself and other inmates with access to a document containing the names, dates of birth, Social Security numbers, home addresses, telephone numbers and past employment histories of the 1,100 prison workers, according to the indictment. In addition, he allegedly was able to gain access to the Internet and download two short video films, plus digital photographs of two prison personnel and two inmates as well as an aerial photo of the facility itself.

The indictment also says that Janosko managed to obtain a username and password for accessing an "important" prison management application and that he attempted to log into the program -- but without succeeding before he was caught.