The Cardinal Way: FBI Investigating STL Cardinals For Hacking Into Astros Database

from the running-redbirds dept

Tue, Jun 16th 2015 1:34pm — Timothy Geigner

If you're a baseball fan, as all good Americans are, and you have never lived in St. Louis, you probably hate the Cardinals. Don't feel bad if you do, they're quite easy to hate. No other fanbase has managed to coax platitudes out of the team and local media like the common refrain that Cards fans are "the best fans in baseball." Groan. Few other teams outside of college football programs tend to go on and on about "the Cardinal way" and how they "do things the right way" like the redbirds do. The problem is that the Cardinals have been an excellent baseball team for pretty much ever, always managing success with a minimal number of lean years.

Perhaps it's partly because they're cheaters on the level of committing federal crimes in order to gain an advantage -- at least according to reports coming out today. The news broke today that the FBI has become involved in investigating whether members of the Cardinals front office illegally gained entry to a proprietary database on player files, projections, statistics and trade maps owned by the Houston Astros.

Investigators have uncovered evidence that Cardinals officials broke into a network of the Houston Astros that housed special databases the team had built, according to law enforcement officials. Internal discussions about trades, proprietary statistics and scouting reports were compromised, the officials said.

The officials did not say which employees were the focus of the investigation or whether the team’s highest-ranking officials were aware of the hacking or authorized it. The investigation is being led by the F.B.I.’s Houston field office and has progressed to the point that subpoenas have been served on the Cardinals and Major League Baseball for electronic correspondence.

Even those of you not prone to caring about professional sports will likely recognize that this is a full-on shit-hitting-fan moment for a professional organization. The "hack", as it's being called, is the kind of low-tech stuff that most of these stories involve, but that doesn't change the fact that this situation seems to be the exact kind of thing the CFAA was designed around. The background on this is that Astros General Manager used to work for the Cardinals, where he developed this database of statistics and scouting methods. When the Astros hired him away, he ported his work over to be used with his new franchise. Somehow he was allowed to use the exact same passwords from his Cardinals days, which allowed somebody from the rival team to log in and begin pulling data. Ten months ago, that data was, for some reason, released into the wild, embarrassing the Astros and yanking away any advantage the proprietary system might have yielded them. The Astros reported the hack to the league office, which involved the FBI.

Word from early on in the FBI's investigation seems to leave little doubt that someone at the Cardinals, if not many someones, is involved. Oh, and very, very stupidly involved, too.

The Cardinals front-office executives who hacked into the Astros’ database are extremely dumb. You can’t even give them credit for being l337 H4x0rs because all these dummies did was use one of the old passwords Astros GM Jeff Luhnow used when he worked for the Cardinals, and they did it from their own goddamn home, which made it very easy for FBI to track them down. Here is a tip: If you’re going to commit corporate espionage, don’t do it from your home computer. Go find, like, an internet cafe or something.

But the thing about the CFAA is that its punishment doesn't correct for technical proficiency, so a "low-level hack," as this is being called, is still a hack and still falls under the law's purview. Dumb sports team or not, this is a federal crime, and the fact that people are going to lose their jobs may be the least of those peoples' concerns. We could be talking about real jail time here.

Regardless, the Cardinals way is dead, unable to pull itself from a muck of its own making.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: baseball, cfaa, fbi, hacking
Companies: houston astros, major league baseball, st. louis cardinals

16 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

limbodog (profile), 16 Jun 2015 @ 1:46pm

All I have to say
Is thank the gods they didn't try to under-inflate the balls.
[ link to this | view in chronology ]
Mason Wheeler (profile), 16 Jun 2015 @ 1:46pm

Regardless, the Cardinals way is dead, unable to pull itself from a muck of its own making.

You really believe that? After living through the Clinton administration? After reporting on CIA officials lying to Congress? After the endless cycle of MPAA lies about new technology that always keeps getting believed each new iteration?

Remember the High Court/Low Court system. Someone powerful and influential like a manager of a major sports team does something wrong, they'll get a slap on the wrist, tops. Sad but true.
[ link to this | view in chronology ]
radarmonkey (profile), 16 Jun 2015 @ 2:37pm

For all the the 'stupid' and 'dumb' adjectives being heaped on the Cardinal's perpetrators of this heinous 'hack' from their own home, let's add a hefty dose of 'are-you-f***ing-crazy!' to the Cardinal-turned-Astro GM who (a) put a highly sensitive database where someone outside the organization could get to it, and (b) used the SAME GODDAMN PASSWORD that he KNEW his old team was in possession!

No amount of law (CFAA or new knee-jerk-enacted ones) can make up for negligent IT practices.
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jun 2015 @ 2:52pm
  
  Re:
  Woe to those who use the same kind of password an idiot uses for their luggage!
  [ link to this | view in chronology ]
Pixelation, 16 Jun 2015 @ 7:04pm

Litmus test
They better be charged under the CFAA. If not, we know it is only meant as a punishment for those the government doesn't like.
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jun 2015 @ 10:25pm
  
  Re: Litmus test
  They will be. The President is from Chicago Cubs territory, after all.
  [ link to this | view in chronology ]
  - Dark Helmet (profile), 17 Jun 2015 @ 5:11am
    
    Re: Re: Litmus test
    That's only sort of true. He's a southsider and a confirmed White Sox fan, which, BLECH....
    [ link to this | view in chronology ]
  - Mr. Malarcy, 17 Jun 2015 @ 7:21am
    
    Re: Re: Litmus test
    The President is a White Sox fan not Cubs territory. For the record all Chicago is not the same!
    [ link to this | view in chronology ]
Anonymous Coward, 17 Jun 2015 @ 7:26am

Regardless, the Cardinals way is dead, unable to pull itself from a muck of its own making.
Right! Nevermore will the Cards win games by having one of the best farm teams in baseball, bringing young players along the right way, building teams that players love to be associated with. WHAT? Are you CRAZY or DUMB or just kidding with your comment.
[ link to this | view in chronology ]
anonymous, 17 Jun 2015 @ 7:34am

Cards
I can't believe it! Major league hackers.
[ link to this | view in chronology ]
bureau13 (profile), 17 Jun 2015 @ 8:33am

Tim must be a Cubs fan. This "hack" seems more of a gotcha aimed at the departed front office guy than an attempt to cheat. That doesn't make it any more right, or any more legal, but I don't know how else to explain the "anonymous" leaking of that info.
[ link to this | view in chronology ]
Anonymous Coward, 17 Jun 2015 @ 9:02am

As a Cardinals fan, I find that I'm gonna have to rationalize this.

In my opinion, stealing signs is a legitimate part of the game. In fact, it's analogous to intercepting data and breaking its encryption (colloquial 'hacking'). What should the Cards do? Put the IT department on the active roster, problem solved.

(It's also obligatory for me to say, with apologies to Tim "Chicagoland" Geigner: Cubs suck.)
[ link to this | view in chronology ]
Anonymous Coward, 17 Jun 2015 @ 9:39am

"Allowed" to use the same passwords?
Somehow he was allowed to use the exact same passwords from his Cardinals days
Is this some kind of joke I'm missing? Did you expect his new sysadmin to contact the previous one to compare passwords?
[ link to this | view in chronology ]
Geno0wl (profile), 17 Jun 2015 @ 11:34am

Why does it matter how it was done?
But the thing about the CFAA is that its punishment doesn't correct for technical proficiency, so a "low-level hack," as this is being called, is still a hack and still falls under the law's purview. Dumb sports team or not, this is a federal crime, and the fact that people are going to lose their jobs may be the least of those peoples' concerns. We could be talking about real jail time here.

Why is this a point of contention? If I steal money from a bank vault it is still breaking the law. It doesn't matter if I use a laser cutter to break in and get they money, have an assault rifle and hold the place up, or just have an employee leave the back door open. All of those are equally stealing money from the bank. Just like all methods of illegal entry into somebody else's database are illegal entries into their data.
[ link to this | view in chronology ]
- Anonymous Coward, 17 Jun 2015 @ 2:18pm
  
  Re: Why does it matter how it was done?
  Why is this a point of contention? If I steal money from a bank vault it is still breaking the law. It doesn't matter if I use a laser cutter to break in and get they money, have an assault rifle and hold the place up, or just have an employee leave the back door open. All of those are equally stealing money from the bank. Just like all methods of illegal entry into somebody else's database are illegal entries into their data.
  
  It's true that they're both guilty. On the other hand, I'd give a lighter sentence to the guy who came in the unlocked back door than the guy who cut a hole in the vault with a laser.
  [ link to this | view in chronology ]
Wolfgang, 17 Jun 2015 @ 2:10pm

Why so sore?
Good god Techdirt has terrible writers. Just because you are spawned from the Cubs loving Chi-town baby gravy that's so backwards they all talk out their ass doesn't mean you have to bring it into your articles. We get it, you're sore from the over a century of no World Series titles, the fact that the last time the Cubs even saw a World Series was WWII, they almost never see the playoffs, and their stadium is a decaying heap, but that is hardly a reason to hate a team that is 2nd only to the Yankees for World Series wins and the most wins of any of the NL teams. Let's face the facts, the Cubs could have hacked all the teams in the MLB and still be the steaming pile they are today.
[ link to this | view in chronology ]