Last month, The New York Times reported that the St. Louis Cardinals were under investigation by the F.B.I. and Justice Department prosecutors for hacking into the Houston Astros database that houses internal discussions about trades, player statistics and scouting reports.
How did this happen? Reports claimed Cardinals personnel were able to use old passwords from former employees that are now in Houston to hack into the Astros database (similar in design to the Cardinals) and gained access to team and player information. Though no longer division rivals, Astros general manager Jeff Luhnow used to work in the front office for the Cardinals, working in their scouting department from 2003-2011. As such, the L.A. times notes the Cardinals “were concerned that Luhnow might have take some proprietary information with him from St. Louis to Houston.”
However, Sports Illustrated’s Tom Verducci concludes that the Cardinals hack may have had ulterior motives. He writes: “Here’s what is so fascinating and new about someone breaking into the database of the Astros: The motivation seems based more on causing public embarrassment to Houston general manager and former Cardinals executive Jeff Luhnow than on gaining any competitive leverage.”
As this investigations continues, there are some important lessons to be learned and below are three things companies should take away from the latest MLB cyberattack.
1. Password hygiene is still important
Passwords need to be constantly updated and secure. On July 3, the Cardinals fired scouting director Chris Correa, who admitted to hacking into the Houston database to see if the Astros had stolen proprietary data by using old passwords from former Cardinal employees who now are with the Astros.
No matter your position within an organization, it’s important to make sure your passwords are: at least 12 characters long, include numbers, symbols and capital letters. Also, make sure to change your password every couple of months (90 days) in order to keep your data safe and your SQL server performing at a high level.
2. Limit access to data
Though in this specific case, top management probably had access to player and team data, it’s important for companies to audit who currently has access to important information and data. According to SolarWinds, “privilege abuse is cited as the most frequent form of insider misuse (>80% of the 11,000 incidents reported).” When employees leave departments or the company, make sure they no longer have access by changing passwords and updating security measures.
3. Keep devices secure with cyber security software
Every company, both big and small, should take the time and invest in cyber security. Reports of the Cardinals initial hack date back to last season and with up-to-date security software, the hack could have been detected much earlier.
When looking for cyber security software, make sure it comes with layered security that covers security gaps with multiple defenses, such as malware scanners and intrusion detection systems that stops a hacker in their tracks. In addition, with an cyber security system that evolves to emerging threats, business owners can protect their brand and trust with consumers.
As cyber attacks become more common in businesses, make sure to learn from their mistakes by being smart and protective with business data.