A former executive in the St. Louis Cardinals organization pled guilty in U.S. District court today for hacking into the Astros computer system and snooping on the team's scouting evaluations, analytics reports and notes from trade talks with other ball clubs, according to a Department of Justice press release.
35-year old Christopher Correa was hired by the Cardinals in 2009 before being named director of Baseball Development in 2013. In March 2013, Correa illicitly gained entry to the Astros' private online database called "Ground Control," which stored confidential information like analytics, contract information and employee email accounts. According to the press release, over the course of a year Correa repeatedly accessed Ground Control to view "proprietary information."
In one instance, Correa got into Ground Control after a former Cardinals employee who left to work for the Astros had to turn in his Cardinals-owned laptop, which contained his login information. Correa was able to get into the Astros' system via the ex-employees' email account by using a variation of the password found on his old Cardinals computer.
“Unauthorized computer intrusion is not to be taken lightly," U.S. Attorney Kenneth Magidson said in the press release. "Whether it’s preserving the sanctity of America’s pastime or protecting trade secrets, those that unlawfully gain proprietary information by accessing computers without authorization must be held accountable for their illegal actions."
We Believe Local Journalism is Critical to the Life of a City
Engaging with our readers is essential to the mission of the Houston Press. Make a financial contribution or sign up for a newsletter, and help us keep telling Houston’s stories with no paywalls.
Support Our Journalism
In March 2014, the Houston Chronicle ran an in-depth story about Ground Control that was picked up nationally, leading the Astros to take precautions meant to bolster Ground Control's security. But all the Astros did was change the site's URL and require users to change their passwords to something more complex. Correa again managed to get into the former Cardinals employee's originally hacked email account and discover what the user had changed his password to, allowing Correa to look at more than 100 Astros web pages including draft prospect rankings, analytical evaluations and player development reports.
According to the press release, Correa admitted that he "masked his identity, his location and the type of device that he used." Both parties agreed to put a $1.7 million price tag on Correa's intrusions. According to the Associated Press, Correa told the judge that his actions were “stupid.”
Correa was fired by the Cardinals in July. He will be sentenced in April, and could be slapped with a $250,000 fine and five years in prison for each charge.
When the story broke in 2014, the hacking scandal shocked baseball — not so much because it was beyond belief that an organization would commit cyber crime to gain a competitive edge, but because the organization that apparently did it was the venerated St. Louis Cardinals, the golden-boy ball club of our ostensibly pure national pastime. But with one of its former front office-men possibly heading to prison, it's probably time to reconsider the Redbirds' holier-than-thou status.