Two technologically savvy Ohio inmates pieced together and hid a pair of computers in the ceiling and went on an illegal surfing spree once connected to the network at the Marion Correctional Institution.

One inmate stole the identity of a fellow prisoner to apply for five credit cards and also planned to file false tax returns and have the refunds wired to the credit cards.

And, alarmingly, the inmate created passes for other inmates to access unauthorized areas of the prison, "creating a security risk," wrote the office of Inspector General Randall J. Meyer.

Meyer released a report today critical of security at the Marion prison that allowed the pair of prisoners to also rummage through the internal records of other inmates.

The report also said then-Warden Jason Bunting violated state policies in mid-2015 by failing to report suspected criminal activity to his superiors, the State Highway Patrol and the inspector general. Bunting later resigned as warden to become superintendent of the state-run Northwest Ohio Development Center in Toledo.

The prisoners who planted the PCs "were unsupervised for extensive periods of time," allowing them to hide the computers and ran other wiring to connect to the prison's computer network, the report said.

They accessed web sites that included information on manufacturing drugs and homemade weapons.

Their scheme finally was uncovered when prison IT employee Gene Brady received an alert about a former employee, whose user name and password had been lifted, attempting to bypass security controls. The system set up by the inmates allowed them to access the prison network from any computer that prisoners were allowed to use as part of Ohio Penal Industries.

Brady, who was found to have allowed prisoners to access salvage computers and parts, has been placed on paid leave from his $85,688-a-year job.

The inspector general called on the Department of Rehabilitation and Correction to determine if any employees should be disciplined, to tighten security over computers and prison Wi-Fi networks and to ensure that all suspected crimes are reported to the appropriate authorities. The report was sent to the Marion County prosecutor and Ohio Ethics Commission for review.

"We have already taken steps to address some areas of concern," said prisons spokeswoman JoEllen Smith. "We will thoroughly review the reports and take any additional steps necessary to prevent these types of things from happening again. It is of critical importance that we provide necessary safeguards in regards to the use of technology while still providing opportunities for offenders to participate in meaningful and rehabilitative programming."

In a separate report, the inspector general's office also today found that Marion Correctional Institution officials failed to follow competitive bidding procedures in executing a contract. The contract involved $20,000 in work that was transferred between two nonprofits. Bunting had a "close and continuing relationship" with one of the vendors and did not remove himself from the contract process, the report said.

The report recommended better ethics and procurement training for employees and a review of the vendors' payments. The investigation was sent to the state auditor's office for review.

rludlow@dispatch.com

@RandyLudlow