How did an Ohio inmate get prison administrators' usernames and passwords?

Ohio authorities are investigating how a prisoner obtained a list of the usernames and passwords for prison administrators.

A routine search at the Lebanon prison last Friday discovered that the inmate, who was not identified, had a “list containing administrative user names and passwords,” the patrol said.

JoEllen Smith, spokeswoman for the Ohio Department of Rehabilitation and Correction, said the inmate is now in “restrictive housing” at the prison while the investigation continues.

“We have no evidence that a data breach occurred at Lebanon or any other prison,” Smith said.

She added, “New information security technology has been implemented out of an abundance of caution.”

Officials would not say what computer information, if any, the inmate was able to access with the usernames and passwords.

Officials haven't publicly identified the inmate.

[Columbus Dispatch, related coverage at AP]