Security Advisor

Corporate Espionage Hits Major League Baseball

The FBI is investigating whether St. Louis Cardinals officials breached a private database of the Houston Astros.

In a first-of-its-kind case, the FBI and the DOJ are investigating an alleged hack of the Houston Astros by fellow MLB club St. Louis Cardinals. Subpoenas for electronic communication from the MLB and Cardinals were served earlier this morning.

According to investigators, the Cardinals organization allegedly accessed an Astros server that contained a private database of player scouting reports, possible trades and other internal data. When the breach was first discovered, the FBI first believed that the compromise was pulled off by a rogue hacker with no affiliation to the MLB. However, government investigators discovered that the incident originated from a computer located in a home that had been used in the past by Cardinals officials. The breached information first came to light last year when an anonymous source posted it online.

MLB released a short statement acknowledging the FBI investigation earlier today. "Major League Baseball has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros' baseball operations database," read the statement.

In a New York Times report, the publication said that Cardinals officials used old passwords of Huston  General Manager Jeff Luhnow when he worked for the Cardinals' scouting department from 2003 to 2011 to gain access to the Astros database. The Times suggests that during his tenure with the Cardinals, Luhnow had made some enemies in the organization that could have pulled off the breach as an act of revenge.

So far, neither the FBI or the MLB has named specific individuals inside the Cardinals organization who are under investigation. The team released a short statement Tuesday morning.

"The St. Louis Cardinals are aware of the investigation into the security breach of the Houston Astros' database," the team said in a statement. "The team has fully cooperated with the investigation and will continue to do so. Given that this is an ongoing federal investigation, it is not appropriate for us to comment further."

The Times also pointed out that while gaining access using stolen passwords has been used by cybercriminals for years now, this could be one of the first corporate espionage cases to use the tactic. More importantly, this case points to the importance of using different passwords across the Internet.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Windows 10 Preview Adds Ability To Display Linux Distro Files

    Microsoft on Wednesday announced Windows 10 preview build 19603, which adds easier access to installed Linux distro files using Windows File Explorer.

  • Microsoft 365 Business To Get Azure Active Directory Premium P1 Perks

    Subscribers to Microsoft 365 Business (which is being renamed this month to "Microsoft 365 Business Premium") will be getting Azure Active Directory Premium P1 licensing at no additional cost.

  • How To Use .CSV Files with PowerShell, Part 1

    When it comes to bulk administration, few things are handier than .CSV files. In this two-part series, Brien demos his top techniques for working with .CSV files in PowerShell. First up: How to create a .CSV file.

  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.