Ex-Cardinals Director Sentenced for Astros Hack

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Daniel R. Stoller

July 18 — A former Major League Baseball (MLB) scouting director's hack into a rival team's internal database revealed confidential trade discussions, scouting reports and draft rankings—and resulted July 18 in a 46 month prison sentence and a $279,038 fine ( United States v. Correa, S.D. Tex., No. 15-cr-00679, sentencing order, 7/18/16 ).

Judge Lynn N. Hughes of the U.S. District Court for the Southern District of Texas sentenced former St. Louis Cardinals executive Christopher Correa for breaching the Houston Astros' private online database.

Beginning in 2013, Christopher Correa accessed Houston's internal system—Ground Control—using the credentials of former Cardinals employees who went on to work for the Astros. Correa viewed the Astros' trade discussions with other baseball teams, minor league player scouting reports and MLB draft rankings.

Correa Jan. 8 pleaded guilty to five counts of unauthorized access of a protected computer, 18 U.S.C. §1030.

The sentencing may not be the end of the hacking saga as MLB will be conducting their own inquiry into the matter and may “take appropriate action,” Michael Teevan, MLB vice president for communications, told Bloomberg BNA July 18.

“Commissioner Manfred has asked the Department of Investigations to conduct a complete investigation of the facts in this matter, including requesting information from the appropriate law enforcement authorities,” he said.

The case highlights the risks for a data breach when employees change companies.

To contact the reporter on this story: Daniel R. Stoller in Washington at dstoller@bna.com

To contact the editors responsible for this story: Donald G. Aplin at daplin@bna.com ; George R. Lynch at glynch@bna.com

Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law Privacy and Data Security