SMART Blog

Smart Services has been providing independent agents with proactive, fast, and expert technology services since 1991.

Baseball Executive Found Guilty of “Performance Enhancing" Hack Attack

b2ap3_thumbnail_baseball_hacks_brings_concerns_400.jpgThe “Moneyball” revolution in baseball has produced a dependence on analytics, both for measuring individual player performance and for overall team makeup. This shift has now presented at least one Major League Baseball franchise with major data security questions.

On January 9, 2016, the former scouting director of the St. Louis Cardinals pled guilty to five counts of unauthorized access to a private computer for utilizing a former employee’s credentials to hack into a rival team’s scouting database. His actions brought to light the threats of data security to all competitive sports franchises.

Christopher Correa, a longtime member of St. Louis’ front office, was charged with taking liberties with his former boss’s login credentials. The contemporary, listed in the indictment as “Victim A” (believed to be current Houston Astros General Manager Jeff Luhnow), apparently used the same login credentials as he did when he was a member of the Cardinals’ front office. Correa used this information to hack into Houston’s scouting database several times last June around the MLB First-Year Player Draft. The government has estimated the value of information Correa gained as a result of the hack at $1.7 million.

Correa had also accessed employee emails and 188 separate pages of confidential information by using “Victim A’s” credentials. Since “Victim A” had universal clearance within his organization’s databases, it gave Correa some useful information on whom St. Louis was scouting. Correa has subsequently admitted his crime and told the presiding judge, Lynn Hughes that it was a “stupid,” thing to do. Sentencing will begin on April 11, 2016.

Luhnow recognized the security problem and changed his credentials, which resulted in Correa hacking into the Astros’ email-server and getting the credentials of two more of the organization’s employees. When he accepted the GM job in Houston in 2011, Luhnow’s lack of password protection put his entire organization’s data infrastructure at risk. He made the following statement shortly after Correa’s plea:

I absolutely know about password hygiene and best practices. I’m certainly aware of how important passwords are, as well as the importance of keeping them updated. A lot of my job in baseball, as it was in high tech, is to make sure that intellectual property is protected. I take that seriously and hold myself and those who work for me to a very high standard.

Despite his comments, it took a rival hacking into his organization’s database for Luhnow to follow industry best practices and alter his login credentials. This situation presents a stark example of how network security is an end-to-end initiative. It’s just as important for people to follow best practices of password management as it is to have integrated intrusion security and access control solutions for your network.

You don’t get three strikes to secure your network against malicious entities that may want to get in. To get more information about the best practices for comprehensive network security, or to speak with our certified technicians about remote monitoring and management or other comprehensive network security solutions, call us today at (586) 258-0650 .

Tip of the Week: Add a PIN to Windows 10 Login to ...
Your Business Can Learn a Thing or Two From Nuclea...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 21 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

2020
February
March
April
May
June
July
August
September
October
November
December
2012
February
March
April
May
June
July
August
September
October
November
December
2011
January
February
March
April
May
July
August
September
October
December

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *