Ex Cardinal's Scouting Director Chris Correa Sentenced To 46 Months For Hacking Astros' Computer System

New submitter yzf750 quotes a report from ESPN: A federal judge sentenced the former scouting director of the St. Louis Cardinals [Christopher Correa] to nearly four years in prison Monday for hacking the Houston Astros' player personnel database and email system in an unusual case of high-tech cheating involving two Major League Baseball clubs. "The data breach was reported in June 2014 when Astros general manager Jeff Luhnow told reporters the team had been the victim of hackers who accessed servers and proceeded to publish online months of internal trade talks," reports ESPN. "Luhnow had previously worked for the Cardinals. The FBI said Correa was able to gain access using a password similar to that used by a Cardinals employee who 'had to turn over his Cardinals-owned laptop to Correa along with the laptop's password' when he was leaving for a job with the Astros in 2011. Prosecutors have said Correa in 2013 improperly downloaded a file of the Astros' scouting list of every eligible player for that year's draft. They say he also improperly viewed notes of trade discussions as well as a page that listed information such as potential bonus details, statistics and notes on recent performances and injuries by team prospects. Authorities say that after the Astros took security precautions involving [a database called Ground Control] following a Houston Chronicle story about the database, Correa was able to still get into it. Authorities say he hacked the email system and was able to view 118 pages of confidential information, including notes of trade discussions, player evaluations and a 2014 team draft board that had not yet been completed. Federal prosecutors say the hacking cost the Astros about $1.7 million, taking into account how Correa used the Astros' data to draft players. Christopher Correa had pleaded guilty in January to five counts of unauthorized access of a protected computer from 2013 to at least 2014, the same year he was promoted to director of baseball development in St. Louis. He was fired last summer and now faces 46 months behind bars and a court order to pay $279,038 in restitution. He had faced up to five years in prison on each count."

Cheaters never prosper?

[colinrichardday]

Cheaters never prosper.

Re:Cheaters never prosper?

Did MLB and Las Vegas casinos close?

Re:Cheaters never prosper?

Don't forget her philandering husband, but at least he would be fun to drink with. I suspect Hillary is a mean drunk.

Re:Cheaters never prosper?

*Bill* Clinton did pretty well, as a president and as a lying cheating husband.

Re: Cheaters never prosper?

It's debatable how much of an advantage the Cardinals actually gained. As I understand it, the hacking was done to look for information that Luhnow would have taken from the Cardinals. Because the Cardinals were among MLB's best teams while the Astros were awful, the Astros would have drafted right after the Cardinals, at the start of the next round. It's possible that the Cardinals could have chosen players the Astros wanted to select, as revenge against Luhnow. However, I haven't seen any clear evidence presented that this actually occurred. Furthermore, with the Astros moving to the American League, there was far less of a direct advantage to gain from harming the Astros versus a team in your own division or league. Also, as I detailed in another post, the way Luhnow raided the Cardinals organization wasn't particularly ethical, either.

Re:Cheaters never prosper?

All of the Super Bowls the Patriots have won in the last decade or so really prove that your statement is wrong.

In fact, it would be more accurate to say "cheaters create dynasties."

it wuz haxx0rz!

Which is convenient because it doesn't mean anything. Good show!

WHAT!?

[ArhcAngel]

But he didn't MEAN to do it. That should have been enough to get him off.

Re:WHAT!?

[chipschap]

But he didn't MEAN to do it. That should have been enough to get him off.

It was apparently good enough for Hillary.

Re:WHAT!?

[houghi]

He raped a company, not a real person, so there is your difference right there.

Don't pay any attention

[p51d007]

to professional sports. It use to be a "beloved game(s)" Football, baseball etc...gave up on baseball in 94, gave up on football in 95. It's not a TEAM SPORT much anymore, but a group of INDIVIDUALS. Team LOYALTY went out the window. Yeah, I know the career life of a professional sports player can be hampered by injuries, but paying some of these players what they make?

Re:Don't pay any attention

[OzPeter]

It's not a TEAM SPORT much anymore, but a group of INDIVIDUALS.

My maxim is that Sport is something you do, while Entertainment is something you watch

Re: Don't pay any attention

Baseball has always been something of an individual sport. It's a battle between a pitcher and hitter, with the fielders and runners being important mostly after the ball is put into play. Sure, there are defensive alignments like the shift, pickoff attempts, and stolen bases, but most of the action with runners and fielders happens after the ball is in play. Yes, there's more emphasis on extra base hits and less on moving runners over with sacrifices. But that's because most of the time it's more advantageous to play for the extra base hit. Maybe it makes it less of a team sport, but it also means more hitting and runs. More likely, you stopped watching because of the strike and never came back.

I think the NBA is far more deserving of your criticism about sports no longer being about the team. With the exception of the Spurs, there's a lot of one-on-one plays. Even a good team like Cleveland, with multiple good offensive threats, doesn't really play as a team. There's too much of LeBron dribbling while other guys stand around. He did the same stuff in Miami. When Shaq around Kobe were winning in LA, it was still incredibly frustrating to watch. I think Kobe would have been much more effective if Shaq had gotten more touches. Shaq was around tremendous mismatch inside, and even if the double or triple team came, it would open up passing to someone like Kobe or Robert Horry for an open shot outside. The NBA is frustrating to watch.

As for the NFL, it's been poisoned by greed. I am a Cardinals fan, which means I was also a Rams fan. I strongly disliked how Stan Kroenke was allowed to destroy fan support in St. Louis by putting a historically awful product on the field while making his intentions to relocate the team to LA blatantly clear. The NFL misled St. Louis, who offered hundreds of millions of dollars in public money for a new stadium with the belief that it would be enough to ensure keeping the Rams. Then the NFL went back on their word while Kroenke and his lawyer verbally trashed St. Louis on the way out. Two teams, the Chargers and Raiders, still have unresolved stadium issues while the one city that offered lots of public money lost its team. The NFL is still a team sport, but the greed will bring down the NFL.

Re: Don't pay any attention

NFL can die in a fire, look at what they did to both LA and Alameda county re the Traitors.

Cool

Stupid fuck

draft picks for the cornhole league now....

In all seriousness though, I bet he gets scooped up right after he serves his time.

  Arli$$ would be proud

Not as one sided as it might seem

First, Jeff Luhnow wasn't particularly well-liked in the Cardinals front office. There was a well-documented rift between people who were loyal to the long-time general manager, Walt Jocketty, and people who were loyal to Luhnow, who was perceived as very arrogant. Luhnow also favored more emphasis on the draft and player development. Eventually this led to the firing of Jocketty. Luhnow gained some power and, in fairness, did quite a bit of good by having several good drafts that restocked the minor league teams. That said, Luhnow was never particularly well-liked or trusted.

When Luhnow left to become the general manager of the Astros, he took a lot of the staff with him to Houston. A lot of knowledge and skill left with those people who followed Luhnow. People with the Cardinals were concerned that Luhnow and other employees had also taken private information with them to Houston. That work was owned by the Cardinals, and Luhnow and his staff had no right to it. As I understand it, the motivation for "hacking" the Astron was to check if proprietary information was taken by Luhnow or other staff.

It's worth noting that this action wasn't sanctioned by the highest levels of the Cardinals front office. The current general manager, John Mozeliak, isn't being charged or disciplined by MLB. I'd also point out that Luhnow's attempts to raid the Cardinals front office weren't particularly ethical.

Let me put this in perspective. Let's say there's a team of developers at Google who develop a really good product. The leader of that team gets hired away by Microsoft to work on essentially the same project. He then proceeds to hire away most of his staff from Google to help duplicate the project. This would be the equivalent of the new team leader at Google hacking a Microsoft server to check for source code owned by Google. The hacking is wrong, but it generally wouldn't be acceptable to hire away nearly an entire development team to work on the same project at a new company, either.

Re:Not as one sided as it might seem

Well put, this is the very definition of "taking one for the team".....when they deserve it.

WHOA! he's totally HACKING with a PASSWORD

man, he must be such a computer cool dude! A SERIOUS HACKER

entering in a whole PASSWORD to gain PRIVELEGE ESCALATIONS.

just like every computer user ever

Unfair System

[JimSadler]

In a fair economic situation every company would have total access to a competitor's data. That way they can price compete while both having all the information. In an unfair system what does it mean to cheat? Is it to the players' benefit that all the data is kept secret? After all if all know the truth the pay might be much higher.

Re:Unfair System

[BitterOak]

In a fair economic situation every company would have total access to a competitor's data. That way they can price compete while both having all the information. In an unfair system what does it mean to cheat? Is it to the players' benefit that all the data is kept secret? After all if all know the truth the pay might be much higher.

The problem with your argument is there is a often a monetary value to information. Man hours have to be spent to collect and analyze this data. If it all has to be shared with competitors, there'd be no incentive for businesses to spend the resources to create that information in the first place.

Re: Unfair System

Not quite. There's a lot of data available to the teams already. However, the challenge is in projecting future performance from a player. Teams that send scouts to watch high school and college players might have different notes on the players. Why would a team pay to send a scout if they had to share the notes with the other teams? That makes no sense. The goal is also to sign players for expected future performance, which means developing a model based on prior performance to project what a player will do in later seasons. That is a major component of what goes on in scouting and player development departments. As I understand it, the Cardinals weren't interested in stealing secret information from the Astros, just in making sure that Luhnow and others hadn't taken proprietary infraction with them from the Cardinals to the Astros. It's possible they could have tried to interfere with the Astros plans in the player draft because the Cardinals would have drafted shortly before the Astros got to pick at the start of the next round. However, that would have been more about revenge against Luhnow rather than gaining a more significant competitive advantage. Keep in mind that the Cardinals are in the NL Central while the Astros have moved to the AL West. They don't play each other that often and aren't competing against each other for the division or wild cards. From a competitive standpoint, it would have been far more beneficial to hack a team like the Cubs. This was about revenge, not because of scarcity of data.

Re: Unfair System

You're right. It's expensive to collect data, develop tools to analyze the data, and make projections. When Luhnow was hired as the GM of the Astros, he also brought a lot of his staff to Houston. The Cardinals were concerned that some of the proprietary data and tools was taken to Houston, as well. The Cardinals spent a lot of money for that, so they didn't want their former employees to take it to a competitor. That was the initial motivation for the hack. While the hacking is unlawful, I believe both sides behaved unethically and both were harmed to some degree. While the hack really wasn't much of a hack, the broader implications of employees leaving for competitors and what they take with them is very relevant in the tech industry.

Re: Unfair System

That doesn't make sense and I completely disagree. It is absolutely ethical to hire employees from a competitor, or are you saying that once you work for a company, you are required to work there for life and can never be hired elsewhere? Using your logic, we can only ever have one shot in an industry before having to move to a completely unrelated field - or previous employers have rights to check any and all future work I may do.

Re: Unfair System

I think you misunderstand. It's pretty common for employees to move around in MLB. They're probably going to work in similar positions and do similar things. I see three forms that such an employment change can take.

1) An employee moves from Team A to Team B to work on similar projects. However, the employee uses processes developed by Team B and doesn't share proprietary information or bring proprietary data from Team A.

2) An employee moves from Team A to Team B. The employee is expected to share information with Team B about proprietary and secret processes at Team A, especially so they can be duplicated at Team B. However, no proprietary data is brought to Team B.

3) An employee leaves Team A to take at job with Team B. The employee works on similar projects at Team B, implementing processes based on proprietary and secret information from Team A. The employee also copies proprietary data before leaving Team A and makes the data available to Team B.

Scouting departments evaluate the skills of players and project their performance in the future. Teams use this information when deciding which players to acquire, how much to pay them, and what players are worth in trades. A lot of these decisions are now made based on statistics with less emphasis on subjective and qualitative evaluations of players.

A proprietary process could be a statistical model that projects how college players might develop and perform in MLB a few years later. A proprietary data set might be pitch velocity data collected by scouts with radar guns sent by MLB teams to college games. It might also include the output of proprietary statistical models.

If Team A pays an employee to develop an statistical model, they don't want the output from that model shared with Team B. If Team A pays to send an employee to college games and pays for a radar gun to measure pitch velocity, they don't want that data given away to Team B. However, those might provide a temporary advantage that goes away as new data and model projections are available. Team A really doesn't want Team B to have the proprietary model because they can duplicate all of the projections that Team A makes until Team A updates or replaces the model. It's a longer term advantage.

Back to my three scenarios, I don't see anything wrong with the first scenario. An employee should be free to go elsewhere and make use of experience and non-proprietary information learned at the previous job.

The second scenario is a gray area, I think. I don't have a problem with an employee who understands the weaknesses of a previous employer's product and uses that information to develop a better product. I think it's far more sketchy to use knowledge of something proprietary at a previous employer to implement the same thing for the new employer. That said, perhaps it's the duty of employers to limit who has access to proprietary information and to try to keep those employees happy so they don't leave. Regardless, I think this is less ethical than the first scenario.

The third scenario is almost certainly unethical. I'd say that an employee who knows he's not to take proprietary data and source code with him when he leaves but does so anyway is committing corporate espionage.

My understanding is that Correa found evidence of proprietary data being taken from the Cardinals and being put in the Astros' database. It's pretty certain that Luhnow hired away people from the Cardinals who had knowledge of proprietary information to gain an advantage. This is the third scenario I described, which I don't think can be defended as ethical.

The "unnamed ex-cardinal employee" is an idiot.

How dumb do you have to be to use a password similar to the one you just turned over to A COMPETITOR?

"hacking"?

so guessing a re-used password is hacking? sigh....

A cardinal what?

[lokedhs]

It took me quite a bit of reading to understand what a "Cardinal scouting director" is. In fact, I'm still not entirely sure what such a person actually does.

Given the tech-oriented and international audience of this side, I'm not sure that one can assume that I am alone in being confused by the wording of the title. A better one would be to simply refer to the person as "sports executive".

Re: A cardinal what?

I'll answer this for you.

The St. Louis Cardinals are a Major League Baseball team. When high school and college players become professionals, they are drafted. The draft has many rounds and, generally speaking, each team picks once per round. Teams that didn't play well last season get to pick ahead of teams that played well. The idea there is competitive balance, letting bad teams pick first, when better players haven't been picked yet.

The players being drafted are young, typically 18-22 years old. They haven't physically matured yet, nor have they played against the highest levels of competition. Teams want to pick the players who are most likely to develop into major league players a few years later. Scouting involves gathering information and data about players, then projecting how they'll develop and be able to compete against better competition.

There are many thousands of high school and college players each year who are eligible to be drafted by a major league team. One person can't possibly gather and analyze data about all of those players or even a fraction of them. That's why teams have entire scouting departments to find the best young players and collect information. Teams have also turned to using statistics and analytics to measure the skills and ability of players, instead of subjective observations. Scouting departments have people who analyze the massive amount of data that's collected to predict how good young players will be a few years into the future. A lot of this involves developing software tools and analyzing statistical data. The scouting director is responsible for overseeing the people who do this type of work.

Re:A cardinal what?

[nitehawk214]

Something about Catholics, I think.

Re: A cardinal what?

[edittard]

If that was the case, the headline would read "Ex Cardinals' Scouting Director" and not "Ex Cardinal's Scouting Director".

The latter implies the scouting director belongs to one cardinal.

Re: A cardinal what?

[lokedhs]

I never expected to get such a detailed answer. Thank you for that.

Re: A cardinal what?

It figures that a Cardinal would have a scouting director. To find young boys...

How much for US spies that do worse than that?

Oh, Hell.

Passing

[sjbe]

Even a good team like Cleveland, with multiple good offensive threats, doesn't really play as a team. There's too much of LeBron dribbling while other guys stand around. He did the same stuff in Miami.

Have you actually watched Lebron play? The guy passes the ball a ton. He's in the top 10 in the league for assists every year and is in the top 20 all time already. I agree with your point that much of the NBA doesn't play like a team. But I don't think that is actually a fair assessment of Lebron James specifically. He actually does quite a lot to distribute the ball, sometimes to a fault. In a lot of ways he plays a lot like Magic Johnson. Amazing scorer but possibly even better at passing the ball.

Re: Passing

Same AC that you replied to. In all fairness, the image of LeBron that came to mind was his last NBA finals with the Heat, playing against the Spurs. I recall LeBron doing a lot of dribbling and taking a lot of shots, especially layer in the series. I think that was well-intentioned and perhaps a result of Wade and Bosh being a lot less than 100% at that point. In all fairness, that's not representative of LeBron. The Cavs are a much better team by focusing on getting Love and Irving more involved. You can't run everything through LeBron and they realized that two seasons ago. Perhaps the example I should have used was Allen Iverson. He's no longer in the league, but he was a perfect example of what I'm talking about.

By the way, I totally get why LeBron isn't playing in the Olympics, but I wish he was. With no disrespect to Tim Duncan, who has a case for being the best power forward ever, LeBron is the best player since Jordan. I've never quite understood the comparisons between Kobe and Jordan; I don't think it's that close.

Plurals

[sjbe]

It took me quite a bit of reading to understand what a "Cardinal scouting director" is. In fact, I'm still not entirely sure what such a person actually does.

He managed talent scouting for the St Louis Cardinals baseball franchise. Basically he was in charge of the staff that tried to identify up and coming talent in development leagues, high schools and colleges. 20 seconds on google should have clarified the matter for you so I'm thinking you didn't actually read very much. Personally I think you might be engaging in a bit of equivocation by intentionally pretending to be unable to parse the sentence.

Given the tech-oriented and international audience of this side, I'm not sure that one can assume that I am alone in being confused by the wording of the title.

Most of the readers of slashdot are in the US and just because someone likes technology doesn't mean they are ignorant about sports. I was a D1 college athlete myself at one point and I still coach several teams.

A better one would be to simply refer to the person as "sports executive".

That's like calling someone at GE an "engineer". It's technically accurate but it doesn't tell you much about what they actually do.

Reused Passwords...

[OfficeLackey]

Is it just me, or does it sound like the employee who left used the same password at his new job as the one he gave to Correa for the laptop? As someone who works in InfoSec, I think I've heard something before about reusing passwords and/or sharing them with others before. (look away Bruce Schneier, look away...)

Re:Unfair System [ UNFAIR?! ]

[gosand]

What!? You mean baseball players might not be getting paid enough? Oh the humanity!!!!

FYI, the average salary for a player is $4 million.