Skip to content
Prison Professors

July 4, 2026

Cybersecurity Course for our Curriculum

Principles taught:Resilience
Cybersecurity Course for our Curriculum

At Prison Professors, we teach people how to prepare for success. We create lessons on accountability, personal development, financial literacy, communication, release planning, and the importance of building a record that will open opportunities.

Recently, I learned the importance of developing a new course on:

  • Basic cybersecurity

That lesson did not come from theory. It came from personal experience.

Over the past several weeks, I have had to deal with the consequences of malicious people trying to compromise my accounts. The attacks created confusion, stress, and disruption. They forced me to spend time protecting email accounts, financial accounts, social media accounts, Apple accounts, phone settings, passwords, messaging systems, and other digital tools that we depend upon every day.

For most people, those systems are invisible until something goes wrong. We assume that if we can open our phone, receive a text message, send an email, or log into an account, everything is fine.

But everything is not always fine.

A person can lose access to an account. A bad actor can try to reset passwords. Spam messages can flood a phone. Suspicious apps can connect to social media accounts. Financial accounts can be locked while a company investigates unauthorized activity. Even when we regain access, the process can consume many hours and create uncertainty.

That has been my experience.

Cybersecurity Problems Disrupt the Mission

Prison Professors operates with a clear mission: 

  • to improve outcomes for people going through America’s criminal justice system.

We create and distribute free educational resources. We build profiles that allow people in prison to document their preparations for success. We work with families, justice-impacted people, staff, volunteers, donors, and community partners. We communicate with people across the country every day.

To advance that mission, we rely on technology.

We use email, websites, cloud storage, customer relationship management tools, video platforms, payment systems, social media platforms, phones, messaging apps, password managers, and banking systems. Each tool helps us reach more people. Each tool also creates a point of vulnerability.

I do not generate an income from my work on the mission. My income comes from investments I make from technology stocks and cryptocurrency. I’ve learned that malicious people can hack those accounts, too. 

When malicious people attack those systems, they are not only attacking me personally. They are disrupting the work.

Instead of spending time creating lessons, responding to families, preparing materials for people in prison, or building resources for our community, I have had to spend time responding to security threats. I have had to change passwords, review connected apps, contact support teams, verify devices, search for suspicious logins, monitor financial accounts, and ask whether other systems may have been compromised.

I have even had to hire counsel to assist me in recovering funds that have been stolen from a US based exchange that purports to keep assets safe. I do not want to name the large company, but I will confirm that it was NOT Binance–an exchange that makes a genuine commitment to protecting user funds. (In the USA, we’ve only recently gotten access to Binance.US)

Our work in the nonprofit depends upon trust. People in prison trust us to create accurate resources. Families trust us to provide guidance. Donors trust us to steward resources responsibly. Partners trust us to communicate with integrity. If malicious actors compromise our digital systems, they can damage that trust.

For that reason, cybersecurity is not a side issue. It must become part of the infrastructure of our mission.

What I Learned from the Experience

This experience of getting hacked taught me several lessons that I now believe we must share more broadly.

First, cyberattacks often create confusion before they create damage. A person may receive dozens or hundreds of spam messages. They may come from any platform, including X, Telegram, or even from chat messages. A strange notification may appear. A login may fail. A device may act differently. A platform may show an unfamiliar app or session. Those warning signs can feel overwhelming, especially for people who do not understand how digital systems work.

Second, passwords alone are not enough. A person may believe that a password protects an account. Yesterday, I learned that a hacker could penetrate the Verizon network and get access to my phone account. From there, real damage begins.

In reality, account security also depends on two-factor authentication, recovery email addresses, phone numbers, device trust settings, app permissions, SIM protection, password managers, and awareness of phishing attempts.

Third, convenience can become a weakness. We want our phones, computers, browsers, and apps to remember us. We want one device to connect automatically to another. We want passwords to autofill. Those features are helpful, but they also require discipline. We must understand what is connected, which devices have access, and how to remove access when something looks suspicious.

Fourth, people must act quickly. When something seems wrong, delay can increase risk. A person should change passwords, review sessions, disconnect suspicious apps, contact financial institutions, and document what happened. The longer an attacker has access, the more harm that person can cause.

Fifth, when something goes wrong, it is important to write down dates, times, account names, suspicious messages, case numbers, support communications, and the steps taken to protect the account. Good documentation helps when communicating with banks, technology companies, law enforcement, attorneys, or internal team members.

I needed that documentation to help the attorney I hired begin steps to communicate with the exchange that lost more than $90,000 worth of my funds.

People in Prison

People in prison are especially vulnerable to these problems.

Many have been away from technology for years or decades. When they return to society, they may face a world that looks very different from the one they left. Banking happens through apps. Job applications happen online. Medical appointments, government benefits, housing applications, tax filings, and school programs often require digital accounts.

Even communication with family members may depend on smartphones, passwords, email addresses, text messages, video platforms, and authentication codes.

A person who does not understand basic cybersecurity can easily become a victim.

Someone may click a link in a text message. Someone may share a verification code. Someone may use the same password for every account. Someone may trust a fake support number. Someone may believe that a message is legitimate because it uses the logo of a bank, phone company, or government agency. Someone may not know how to recognize a phishing attempt. Someone may not understand why a recovery email or phone number matters.

Those mistakes can have serious consequences.

A person coming home from prison is already rebuilding. He may be looking for work, restoring family relationships, satisfying supervision requirements, building credit, and trying to establish stability. A cyberattack can derail that progress. It can empty a bank account, lock a person out of email, compromise personal information, damage credit, or create new legal and financial problems.

If we say that we want people to succeed after prison, then we must teach them how to protect themselves in the digital world.

Cybersecurity Will Become a Part of our Curriculum

People in prison need to learn more than how to get a job or write a release plan. We must create lessons to teach people how to function safely in modern society.

That includes cybersecurity basics:

  • How to create strong, unique passwords.

  • How to use a password manager.

  • How to turn on two-factor authentication.

  • How to protect email accounts.

  • How to recognize phishing emails and text messages.

  • How to verify whether a message is legitimate.

  • How to protect financial accounts.

  • How to review connected apps and active sessions.

  • How to avoid sharing authentication codes.

  • How to secure a phone number against unauthorized transfers.

  • How to document suspicious activity.

  • How to respond quickly when something goes wrong.

These are not advanced technical lessons. They are basic life skills.

Just as people need to learn how to budget money, prepare for employment, communicate with probation officers, and build a support network, they also need to learn how to protect their digital identity.

Steps I Am Taking

Because of my recent experience, I am taking stronger steps to protect myself and the organization.

I am reviewing every major account. I am changing passwords and making sure each account uses a strong, unique password. I am using password managers more carefully. I am reviewing two-factor authentication settings. I am checking recovery email addresses and phone numbers. I am removing suspicious connected apps. I am reviewing active sessions and trusted devices. I am communicating with financial institutions and technology platforms when something does not look right.

I am also documenting what happened.

Documentation helps me understand the sequence of events. It helps me identify weaknesses. It helps me communicate with professionals who may need to assist. Most importantly, it helps me transform a painful experience into an educational resource for others.

That is what we try to do at Prison Professors.

We do not waste adversity. We learn from it. Then we teach.

Turning This Experience into a Lesson

This experience has been disruptive. It has consumed time, attention, and energy that I would rather devote to creating resources for people in prison and their families.

But it has also clarified an important need.

We must teach cybersecurity to people in prison, to people coming home, and to members of our broader community. The digital world creates opportunities, but it also creates risks. People who lack awareness are vulnerable. People who understand the basics can protect themselves.

At Prison Professors, we want to prepare people for success in the real world. The real world now requires digital responsibility.

That means cybersecurity belongs in our curriculum.

We will continue to teach accountability, discipline, values, goals, communication, financial literacy, and release planning. But we must also teach people how to protect their email accounts, phones, passwords, money, identity, and reputation.

My recent experience reminded me that malicious actors do not only attack large corporations or wealthy people. They attack anyone who has an account, a phone number, an email address, a financial profile, or a public presence.

That includes our community: people preparing to come home from prison.

We have a responsibility to help them understand the risks before those risks become crises.

Cybersecurity is part of financial literacy and family stability and preparing for success. For that reason, we will begin teaching more about it. We will use this experience to strengthen our mission.