Security Advisor

Corporate Espionage Hits Major League Baseball

The FBI is investigating whether St. Louis Cardinals officials breached a private database of the Houston Astros.

In a first-of-its-kind case, the FBI and the DOJ are investigating an alleged hack of the Houston Astros by fellow MLB club St. Louis Cardinals. Subpoenas for electronic communication from the MLB and Cardinals were served earlier this morning.

According to investigators, the Cardinals organization allegedly accessed an Astros server that contained a private database of player scouting reports, possible trades and other internal data. When the breach was first discovered, the FBI first believed that the compromise was pulled off by a rogue hacker with no affiliation to the MLB. However, government investigators discovered that the incident originated from a computer located in a home that had been used in the past by Cardinals officials. The breached information first came to light last year when an anonymous source posted it online.

MLB released a short statement acknowledging the FBI investigation earlier today. "Major League Baseball has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros' baseball operations database," read the statement.

In a New York Times report, the publication said that Cardinals officials used old passwords of Huston  General Manager Jeff Luhnow when he worked for the Cardinals' scouting department from 2003 to 2011 to gain access to the Astros database. The Times suggests that during his tenure with the Cardinals, Luhnow had made some enemies in the organization that could have pulled off the breach as an act of revenge.

So far, neither the FBI or the MLB has named specific individuals inside the Cardinals organization who are under investigation. The team released a short statement Tuesday morning.

"The St. Louis Cardinals are aware of the investigation into the security breach of the Houston Astros' database," the team said in a statement. "The team has fully cooperated with the investigation and will continue to do so. Given that this is an ongoing federal investigation, it is not appropriate for us to comment further."

The Times also pointed out that while gaining access using stolen passwords has been used by cybercriminals for years now, this could be one of the first corporate espionage cases to use the tactic. More importantly, this case points to the importance of using different passwords across the Internet.

About the Author

Chris Paoli is the site producer for and


  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

  • Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

    Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

  • Microsoft Previews New Edge Browser on Windows 7 and Windows 8.1

    Microsoft announced this week that it has released previews of its Chromium-based Microsoft Edge Web browsers for use on Windows 7, Windows 8 and Windows 8.1 systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.