Cardinals Rumors

The Cardinals are under investigation for allegedly hacking into the Astros’ Ground Control database. Details are now emerging about the incident, reports Evan Drellich of the Houston Chronicle. One expert termed the hacking as “unauthorized intrusion” rather than a sophisticated attack. The legal definition of hack does include unauthorized intrusion, but no advanced techniques were used to access the Astros database.

It’s thought that one of Jeff Luhnow, Sig Mejdal, or Mike Elias did not properly update their passwords after moving from the Cardinals to the Astros. The access occurred as a result of password guessing, says Drellich. “Possibly with well-educated guesses.”

As you might have intuited, the security for the Ground Control database was below industry standards. Anybody could access the log-in page via groundcontrol.astros.com and a password. This is referred to as single-factor authentication. Houston has since moved the database to a virtual private network (VPN). It reportedly now has two-factor authentication which is more secure.

At least one of the three breaches was done by somebody using Tor, an “anonymity network” meant to hide the activities and location of its users. While the article doesn’t mention it, there is a freely available browser-based front end to access the Tor network.

In other news, the Cardinals brand has been “tarnished” by the scandal, but economic damage should be minimal according to the Associated Press.  Primary revenue streams like fan attendance and television network payments will be unaffected by the crime. Sponsors have not backed away from the Cardinals according to a spokesman for FOX Sports Midwest.

Taking the other perspective, Derrick Goold of the St. Louis Post-Dispatch elaborated on the Cardinals back story. Luhnow was hired by Cardinals chairman Bill Dewitt Jr. in 2003 to bring St. Louis into the sabermetric revolution. Luhnow was in large part responsible for building the group that is now under investigation. The team’s analytical efforts yielded excellent results like the selection of first baseman Matt Adams in the 23rd round. The article provides many other great anecdotes about St Louis’ move into the information age.

The Cardinals are currently under federal investigation for allegedly gaining illegal access into the Astros’ internal computer network, and Evan Drellich of the Houston Chronicle reports the latest wrinkle in the scandal. In addition to the previously known security breaches in 2014 and 2013, Drellich now has learned that the Cardinals accessed the Astros’ network as early as 2012, bringing light to a third and previously unreported breach.

Previous reports have indicated that the Cardinals employees in question gained access to Houston’s Ground Control system by utilizing a master list of passwords from when Jeff Luhnow and other execs were still with St. Louis, fueling speculation that Luhnow had neglected to update old passwords. The Houston GM told Ben Reiter of SI.com that any such speculation was “absolutely false,” continuing to add:

“I absolutely know about password hygiene and best practices. I’m certainly aware of how important passwords are, as well as of the importance of keeping them updated. A lot of my job in baseball, as it was in high tech, is to make sure that intellectual property is protected. I take that seriously and hold myself and those who work for me to a very high standard.”

In speaking to Reiter, Luhnow also addressed the supposed concern from Cardinals employees that he may have taken some proprietary information from St. Louis to Houston, denying that any such action took place and adding that he never received any sort of inquiry from the Cardinals on the matter. Luhnow says that his departure from the Cardinals was amicable, adding that many of his former colleagues were invited to and in attendance for his 2012 wedding.

Drellich has previously reported that the list of suspected Cardinals employees has been narrowed to four or five, and it seems at this point that the highest-ranking members of the Cardinals’ front office weren’t involved. Attorney Jim Martin, whose firm was retained by the Cardinals in February to perform an organizational review upon learning of the investigation, expressed confidence to the Associated Press that GM John Mozeliak and chairman/CEO Bill DeWitt, Jr. had no knowledge of the events. “With what we have done so far, I am 100 percent confident that this does not touch upper management,” said Martin.

Via Robert Patrick of the St. Louis Post-Dispatch, DeWitt himself addressed the media yesterday and said that he was “shocked” and “in disbelief” when he learned of the allegations. “There was zero knowledge until the FBI launched their investigation and we became aware of it,” said DeWitt.

The Chronicle reported earlier in the week that the investigation was in its latter stages, and Drellich explained in a followup piece last night that it would be the commissioner’s office — not a civil suit — that would determine the punishment for the Cardinals and award potential damages to the Astros. As Drellich explains, Major League clubs cannot file civil suits against one another, despite the fact that a former Department of Justice attorney who specialized intellectual property and commercial litigation told him the Astros “could have a case for theft of trade secrets.” The Cardinals cannot be fined more than $2MM as an organization, and DeWitt and other employees cannot be fined more than $500K. However, the commissioner’s office can punish the Cardinals by way of both the Rule 4 Draft (the yearly amateur draft in June) and the Rule 5 Draft, in addition to “other unspecified actions as the commissioner sees fit.”

5:53pm: In a followup interview with Bob Nightengale of USA Today Sports, Mozeliak states, “Unequivocally, I knew nothing about this.” Nightengale notes that in order to conduct the interview, Mozeliak was required to have legal counsel conference into the call. (That lawyer, Mike Whittle, advised against responding to whether or not Mozeliak felt any sense of responsibility for the alleged actions.) “I don’t know the outcome of this, or where it’s going to go,” Mozeliak continued, “but our hope is that when everything comes to light, people will realize that it wasn’t something that was organizational-wide.”

According to Nightengale, the Cardinals were aware of the investigation months ago but had hoped that it would stay out of the media. “I was surprised it came out,” said Mozeliak. “Not that I would not want it to come out, but the way it did, and the manner it did, did catch us off guard. We are responding accordingly.”

2:12pm: The Cardinals have issued a press release regarding the FBI investigation into the involvement of club employees in a reported breach of the Astros’ internal computer system.

St. Louis says that the organization retained the St. Louis law firm Dowd Bennett to conduct an investigation of the matter when it was made aware of the allegations several months back. Attorney Jim Martin, a former U.S. Attorney and white collar litigator with the firm, said that inquiry has yet to be completed. He explained that his firm and the organization will “avoid saying anything which would interfere with the government’s investigation” in the interim.

“These are serious allegations that don’t reflect who we are as an organization,” said club chairman and CEO Bill DeWitt Jr. “We are committed to getting to the bottom of this matter as soon as possible, and if anyone within our organization is determined to be involved in anything inappropriate, they will be held accountable.”

GM John Mozeliak also made a statement in the release, saying that “the alleged conduct has no place in our game.” Mozeliak continued: “We hold ourselves to the highest standards in every facet of our organization.  It has been that way forever and is certainly true today.  We are committed to finding out what happened.  To the extent we can substantiate that these allegations have merit, we will take appropriate action against anyone involved.” 

From the Astros’ perspective, Evan Drellich of the Houston Chronicle reported today that Houston is holding out the possibility of a civil suit against those ultimately determined to have perpetrated the impermissible computer access. “The Astros think it’s very serious,” a source told him.

That report also indicates that the FBI has looked into several addresses from which the unlawful access may have occurred, including both a house located in Jupiter, Florida (the Cardinals’ spring home) and one in a state that doesn’t host a major league club. Click here to find other recent developments as of late last evening. You can find the first post on the Cardinals’ involvement here and the original story on the leaked Astros trade notes at this link.

11:09pm: Apart from whatever criminal charges could arise, the league’s punishment of the Cardinals (if any) will depend upon “how high knowledge of [the] breach reached,” according to Passan (links to Twitter).

If the investigation reveals only a single “rogue employee,” there may not be any significant repercussions for the organization, says Passan. But severe penalties could result if top officials are shown to have acted improperly. The timeline of league action will be slowed by the fact that the FBI investigation remains private, Passan adds.

10:50pm: The FBI investigation into the breach of the Astros’ computer systems is in its final stages, according to the Houston Chronicle’s David Barron and Evan Drellich. A source tells the Chronicle that “the suspects [have] been narrowed to a group of four to five individuals within the Cardinals organization.”

Per the report, in addition to the 2013 breach discussed in the New York Times piece that broke the story of the investigation, impermissible access to the system also occurred in March of last year. That would seem to coincide with a report from Jeff Passan of Yahoo Sports indicating that the computer which gained entry to the Astros’ systems had been traced to a house in Jupiter, Florida — the Spring Training home of the Cardinals — which was occupied by multiple St. Louis employees. (Notably, also, the information released publicly appears to line up with the timing reported by the Chronicle.)

The Cardinals have conducted internal interviews with their personnel regarding the matter, Drellich adds on Twitter, and Derrick Goold of the St. Louis Post Dispatch notes that many members of the front office have hired attorneys. St. Louis released a statement earlier today indicating that the club “has fully cooperated with the investigation and will continue to do so.” Per Goold’s report, that included turning over computers to the FBI back in Feburary.

As things stand, it remains unreported precisely which Cardinals personnel are suspected of involvement with the actual computer breach — let alone what involvement organizational higher-ups may have had in the infraction, the public disclosure of information, and/or events subsequent. Needless to say, regardless of who is ultimately deemed to have committed the breaches, those questions will remain a source of intense interest going forward.

9:57pm: The breach in the Astros’ computer system was traced to a home in Jupiter, Florida, where the Cardinals hold Spring Training, a source tells Jeff Passan of Yahoo Sports. Per the report, “a number of Cardinals employees used the house.” That could make it more difficult to determine precisely who accessed the database, though of course investigators surely possess means of acquiring that information.

Passan also notes that, per his source, “the breach involved more than taking old passwords” from Luhnow “and inputting them into a website.” Indeed, there were initially concerns in the league office that more information might ultimately be made public than has been revealed to date.

3:44pm: Cardinals front office officials are being investigated by the FBI in connection to the 2013 hacking of the Astros’ Ground Control database, reports Michael S. Schmidt of the New York Times. According to Schmidt, federal investigators have uncovered evidence which indicates that Cardinals officials were the ones to break into the Astros’ network and databases, leading to the compromise of trade discussions, proprietary statistics and scouting reports.

At this point, it’s unclear which officials are being investigated, but Schmidt reports that no one with the team has been put on leave, suspended or fired at this time. Subpoenas have been served to both the Cardinals and Major League Baseball. In a statement to Schmidt, a spokesperson for commissioner Rob Manfred said that MLB “has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros’ baseball operations database.”

Schmidt continues to say that the “hacking” was rather low-grade, as it’s believed that Cardinals officials gained entry by using a master list of passwords from Jeff Luhnow and those who followed him from the St. Louis front office to the Houston front office. The current belief among investigators is that Cardinals officials were concerned that Luhnow took proprietary information from St. Louis’ Redbird system — a network similar to Ground Control — and applied the information to his new system in Houston.

Schmidt adds that some law enforcement officials believe the breach to be the result of “vengeful” Cardinals employees “hoping to wreak havoc” on Luhnow’s work in Houston. The Astros believed the hacking to be random and notified the FBI, who learned that the Ground Control network had been accessed from a home in which a Cardinals official had lived.

The breach ultimately led to a good deal of private Astros information becoming public knowledge, including trade discussions that brought a good deal of scrutiny on the Houston organization. At the time, the Astros issued the following statement:

“Last month, we were made aware that proprietary information held on Astros’ servers and in Astros’ applications had been illegally obtained. Upon learning of the security breach, we immediately notified MLB security who, in turn, notified the FBI.  Since that time, we have been working closely with MLB security and the FBI to the determine the party, or parties, responsible.  This information was illegally obtained and published, and we intend to prosecute those involved to the fullest extent.”

It remains to be seen what kind of punishments will be issued if the Cardinals are indeed proved to be behind the incident. However, this is certainly the type of offense that would cost executives their jobs, and there could very well be further legal repercussions for those involved, as well as further punishments issued to the organization by the league.