From the time sensitive information was first maintained on computer networks, organizations have tried to infiltrate those networks to gain an advantage over their competition. Cases of industrial espionage have cropped up in a variety of verticals, from hospitality to pharmaceuticals, but the sports world had always seemed immune.
In early June, major league baseball (MLB) was rocked by the news that the FBI was investigating the St. Louis Cardinals—one of its most storied franchises—for breaching the Houston Astros’ network. The Cardinals allegedly gained the unauthorized access by using the old passwords of a former Astros employee, Jeff Lunhow, who now serves as Houston’s general manager. According to a variety of reports, the breach exposed a large volume of Houston’s intellectual property, including analytics, scouting reports and trade discussions.
Since this news broke, and given the nature of the breach, there have been a number of articles and blog posts written about best practices for password hygiene. And while that is certainly an important topic, the MLB incident should also serve as a wake-up call for any organization still clinging to the notion that cyber security is not a significant issue in its sector.
As organizations continue to emphasize data collection and analysis as a means of improving operations and increasing profitability, they will also be maintaining a greater volume of proprietary, sensitive information. As these data repositories build, it will be imperative for businesses to protect them by paying greater attention to cyber security, whether that means adopting an advanced incident response platform or devoting more time to employee training.
The simple fact is that if your organization maintains any kind of valuable data, it is almost a guarantee that there is some unauthorized individual or business that wants it. The Houston Astros and the rest of MLB are learning that lesson the hard way—but that doesn’t mean you have to do the same.