Cardinals Face F.B.I. Inquiry in Hacking of Astros’ Database

In this Feb. 25, 2013, file photo, Houston Astros general manager Jeff Luhnow, right, talks to St. Louis Cardinals center fielder Jon Jay, left, and second baseman Daniel Descalso before an exhibition spring training baseball game in Jupiter, Fla.
Julio Cortez | AP
In this Feb. 25, 2013, file photo, Houston Astros general manager Jeff Luhnow, right, talks to St. Louis Cardinals center fielder Jon Jay, left, and second baseman Daniel Descalso before an exhibition spring training baseball game in Jupiter, Fla.

The F.B.I. and Justice Department prosecutors are investigating whether front-office officials for the St. Louis Cardinals, one of the most successful teams in baseball over the past two decades, hacked into internal networks of a rival team to steal closely guarded information about player personnel.

Investigators have uncovered evidence that Cardinals officials broke into a network of the Houston Astros that housed special databases the team had built, according to law enforcement officials. Internal discussions about trades, proprietary statistics and scouting reports were compromised, the officials said.

More from the New York TImes
Of all teams to hack, why the Astros?
Belichick, Snowden and Hack Wilson: Twitter reacts to Cardinals scandal
Yankees' Alex Rodriguez keeps security guard busy chasing down history

The officials did not say which employees were the focus of the investigation or whether the team's highest-ranking officials were aware of the hacking or authorized it. The investigation is being led by the F.B.I.'s Houston field office and has progressed to the point that subpoenas have been served on the Cardinals and Major League Baseball for electronic correspondence.

The attack would represent the first known case of corporate espionage in which a professional sports team hacked the network of another team. Illegal intrusions into companies' networks have become commonplace, but they are generally conducted by hackers operating in foreign countries, like Russia and China, who steal large tranches of data or trade secrets for military equipment and electronics.

Major League Baseball "has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros' baseball operations database," a spokesman for baseball's commissioner, Rob Manfred, said in a written statement.

The Cardinals officials under investigation have not been put on leave, suspended or fired. The commissioner's office is likely to wait until the conclusion of the government's investigation to determine whether to take disciplinary action against the officials or the team.

"The St. Louis Cardinals are aware of the investigation into the security breach of the Houston Astros' database," the team said in a statement. "The team has fully cooperated with the investigation and will continue to do so. Given that this is an ongoing federal investigation, it is not appropriate for us to comment further."

Read MoreSex, lies and debt potentially exposed by US data hack

The case is a rare mark of ignominy for the Cardinals, one of the sport's most revered and popular organizations. The team has the best record in baseball this season (42-21), regularly commands outsize television ratings and has reached the National League Championship Series nine times since 2000. The Cardinals, who last won the World Series in 2011, have 11 titles over all, second only to the Yankees.

Law enforcement officials believe the hacking was executed by vengeful front-office employees for the Cardinals hoping to wreak havoc on the work of Jeff Luhnow, the Astros' general manager who had been a successful and polarizing executive with the Cardinals until 2011.

From 1994 to 2012, the Astros and the Cardinals were division rivals, in the National League. For a part of that time, Mr. Luhnow was a Cardinals executive, primarily handling scouting and player development. One of many innovative thinkers drawn to the sport by the "Moneyball" phenomenon, he was credited with building baseball's best minor league system, as well as drafting several players who would become linchpins of the Cardinals' 2011 World Series-winning team.

Did Cardinals 'hack' Astros?
Did Cardinals 'hack' Astros?   

The Astros hired Mr. Luhnow as general manager in December 2011, and he quickly began applying his unconventional approach to running a baseball team. In an exploration of the team's radical transformation,Bloomberg Business called it "a project unlike anything baseball has seen before."

Under Mr. Luhnow, the Astros have accomplished a striking turnaround; they are in first place in the American League West division. But in 2013, before their revival at the major league level, their internal deliberations about statistics and players were compromised, law enforcement officials said.

The intrusion did not appear to be sophisticated, the law enforcement officials said. When Mr. Luhnow was with the Cardinals, the organization built a computer network, called Redbird, to house all of their baseball operations information — including scouting reports and player personnel information. After leaving to join the Astros, and bringing some front-office personnel with him from the Cardinals, Houston created a similar program known as Ground Control.

Read MoreIndependent baseball does major league business

Ground Control contained the Astros' "collective baseball knowledge," according to a Bloomberg Business article published last year. The program took a series of variables and "weights them according to the values determined by the team's statisticians, physicist, doctors, scouts and coaches," the article said.

Investigators believe Cardinals officials, concerned that Mr. Luhnow had taken their idea and proprietary baseball information to the Astros, examined a master list of passwords used by Mr. Luhnow and the other officials who had joined the Astros when they worked for the Cardinals. The Cardinals officials are believed to have used those passwords to gain access to the Astros' network, law enforcement officials said.

That tactic is often used by cybercriminals, who sell passwords from one breach on the underground market, where others buy them and test them on other websites, including banking and brokerage services. The breach on the Astros would be one of the first known instances of a corporate competitor using the tactic against a rival. It is also, security experts say, just one more reason people are advised not to use the same passwords across different sites and services.

Last year, some of the information was posted anonymously online, according to an article on Deadspin. Among the details that were exposed were trade discussions that the Astros had with other teams. Mr. Luhnow was asked at the time whether the breach would affect how he dealt with other teams. "Today I used a pencil and paper in all my conversations," he said.

Believing that the Astros' network had been compromised by a rogue hacker, Major League Baseball notified the F.B.I., and the authorities in Houston opened an investigation. Agents soon found that the Astros' network had been entered from a computer at a home that some Cardinals officials had lived in. The agents then turned their attention to the team's front office.

"The F.B.I. aggressively investigates all potential threats to public and private sector systems," an F.B.I. spokeswoman said. "Once our investigations are complete, we pursue all appropriate avenues to hold accountable those who pose a threat in cyberspace."