Cardinals Hack: A Lucky Password Guess Or A Criminal Attack?

The New York Times reports the St. Louis Cardinals might have hacked the Houston Astros by using a front office executive's old password.
Posted at 4:49 PM, Jun 17, 2015

Houston Astros General Manager Jeff Luhnow forgot to follow the cardinal rule.

"How to pick a proper password. No. 1 — make your password hard to guess," computer security software company Sophos advises.

Luhnow apparently didn't. 

The current Astros GM previously worked for the Cardinals from 2003 to 2011, running St. Louis' deep and talented minor league system. After the Astros hired Luhnow, he brought a slew of Cardinals employees with him and created a Houston-version of the Cardinals' computer program for monitoring player operations called "Ground Control."

The FBI is reportedly investigating the St. Louis Cardinals for "hacking" the Astros — and by hacking, we mean using Luhnow's old passwords to access that computer system.

"You know what happened? Some Cardinals employee was like 'Dude ... you know that guy we hate for the Astros? What was his password? Let's see if it works. ... Dude! I got into the Astros' database," ESPN radio host Colin Cowherd said.

"Dude, you can't have the same password you had when you were with the Cardinals. Change your password," CBS Sports radio host Boomer Esiason said. 

"Just because this guy forgot to change his password? Why's the FBI involved in this," radio host Dan Patrick asks.  

That's the question many are asking and one that doesn't seem to have many answers.

The FBI often deals with taking down criminal hackers — installing malware on computers, monitoring key strokes, stealing money from bank accounts or trying to gain access to government information. (Video via CNN

Finding out more about Carlos Correa's .276 batting average for the Fresno Grizzlies in AAA? Not so much.

According to The New York Times, the Astros first contacted the FBI when the organization thought their baseball operations program Ground Control had been hacked by a "rogue hacker." 

This likely after a bunch of the Astros' trade talks, emails and other information were leaked to Deadspin last year.

That "rogue hacker" brought the FBI to the house of a Cardinals employee. Now, the employee or employees could be facing serious jail time with the FBI involved. But should they?

On astate-by-statelevel, gaining access to a person's computer can be a misdemeanor with little, if any, jail time — as long as you didn't destroy or damage information. Though with the FBI involved, a misdemeanor isn't likely.

A writer for FanGraphs says the accused may have violated the 1984 Computer Fraud and Abuse Act and the Economic Espionage Act of 1996. By Deadspin's estimates, employees found guilty could face five years of jail time and thousands of dollars in fines per offense. 

What happens next is very much still in the air — aside from the fact plenty of lawyers will be involved. 

"To jump to the use of a word like cyber attack, we just don't know if those are the facts yet," said MLB Commissioner Rob Manfred.

MLB Commissioner Rob Manfred says the league is aware of the investigation and will wait for the investigation to conclude before taking further action.

This video includes images from Getty Images.