Security Advisor

Corporate Espionage Hits Major League Baseball

The FBI is investigating whether St. Louis Cardinals officials breached a private database of the Houston Astros.

In a first-of-its-kind case, the FBI and the DOJ are investigating an alleged hack of the Houston Astros by fellow MLB club St. Louis Cardinals. Subpoenas for electronic communication from the MLB and Cardinals were served earlier this morning.

According to investigators, the Cardinals organization allegedly accessed an Astros server that contained a private database of player scouting reports, possible trades and other internal data. When the breach was first discovered, the FBI first believed that the compromise was pulled off by a rogue hacker with no affiliation to the MLB. However, government investigators discovered that the incident originated from a computer located in a home that had been used in the past by Cardinals officials. The breached information first came to light last year when an anonymous source posted it online.

MLB released a short statement acknowledging the FBI investigation earlier today. "Major League Baseball has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros' baseball operations database," read the statement.

In a New York Times report, the publication said that Cardinals officials used old passwords of Huston  General Manager Jeff Luhnow when he worked for the Cardinals' scouting department from 2003 to 2011 to gain access to the Astros database. The Times suggests that during his tenure with the Cardinals, Luhnow had made some enemies in the organization that could have pulled off the breach as an act of revenge.

So far, neither the FBI or the MLB has named specific individuals inside the Cardinals organization who are under investigation. The team released a short statement Tuesday morning.

"The St. Louis Cardinals are aware of the investigation into the security breach of the Houston Astros' database," the team said in a statement. "The team has fully cooperated with the investigation and will continue to do so. Given that this is an ongoing federal investigation, it is not appropriate for us to comment further."

The Times also pointed out that while gaining access using stolen passwords has been used by cybercriminals for years now, this could be one of the first corporate espionage cases to use the tactic. More importantly, this case points to the importance of using different passwords across the Internet.

About the Author

Chris Paoli is the site producer for and


  • Secured-Core PCs Promise To Stop Malware at the Firmware Level

    Microsoft and its hardware partners recently described new "Secured-core" PCs, which add protections against firmware-based attacks.

  • How To Ransomware-Proof Your Backups: 4 Key Best Practices

    Backups are the only guaranteed way to save your data after a ransomware attack. Here's how to make sure your backup strategy has ransomware mitigation built right in.

  • Microsoft Buys Mover To Aid Microsoft 365 Shifts

    Microsoft announced on Monday that it bought Mover to help organizations migrate data and shift to using Microsoft 365 services.

  • Mark Hurd, Oracle Co-CEO, Dies at 62

    Oracle co-CEO and former Hewlett-Packard chief executive Mark Hurd died last Friday at the age of 62 from unspecified causes.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.