It is no doubt that 2015 is on record pace for the number of data breaches compared to previous years. However, typically we would assume that these data breaches would happen in such industries as healthcare, finance, retail or the government. We would have never thought that this would enter the area of professional sports teams.
Now we know it is happening inside America’s favorite pastime, baseball, and it’s reaching national and worldwide headlines. Here is the story: the St. Louis Cardinals are being accused of hacking the Houston Astros to gain access to intellectual property – trade, proprietary statistics and player strategy information. Federal investigators are recommending charges against at least one St. Louis Cardinals employee for allegedly intruding on a rival baseball team’s database.
The potential breach came after former Cardinals employee Jeff Luhnow left to be Houston’s general manager. The investigation accuses the Cardinals of unfairly prying into the Astros’ database amid concerns Luhnow had taken the Cardinals’ proprietary information to his new employer. Luhnow has told investigators the Astros generated their own database system independently of his previous work in St. Louis. This report follows the Cardinals’ announcement earlier in the month that it had fired Chris Correa, the team’s director of scouting.
Although according to Major League Baseball there is no direct evidence that another baseball team has been the victim of a security breach, and that each team is responsible for its own cyber security. However, it is impossible to overstate the role of computer systems in the operation of a team — and not just on the business side, where executives can adjust ticket prices daily based on the latest sales data or modify orders for hot dogs or bobblehead dolls based on updated attendance projections.
What have we learned from this? Wherever there is data, it needs to be secured wherever it goes.
The more we understand the need and priority of security to protect such data within sports, such as player contracts, scouting reports, player strategy information, trade related data, etc., the more we will understand that this data needs to be secured with data-centric security.
No matter if the sport is baseball, football, hockey, basketball, soccer, etc., proprietary data exists and for any team to hold a competitive edge we should not underestimate what could happen, as that has been the case in this data breach. Each year we want our favorite sports teams to win that championship, and in order for them to do that, not only does it take them to have the right players, coaches, strategy, teamwork and mindset, but also the protection of their most valuable data.
Photo credit: Intel Free Press