In July of 2014 I first reported to you about the hacking of the computers of the Houston Astros baseball team.   After a prolonged investigation, Christopher Correa of the St. Louis Cardinals pleaded guilty in January of 2016 to hacking the private online data base of the Astros called Ground Control that contained tremendous amounts of confidential data including scouting reports and statistics on baseball players.  At the time he did the hacking, Correa was the Director of Baseball Development for the St. Louis Cardinals.   Correa was fired by the Cardinals when he first became a suspect in the hacking of the Astros.  A current Astros employee had worked previously for the Cardinals and Correa was able to easily guess the password used by him to access Ground Control by merely using variations of the password the Astro employee had used when he worked for the Cardinals.  Armed with this password, Correa stole data from Ground Control for use by the Cardinals.  Correa has now been sentenced to 46 months in prison and ordered to pay restitution of $279,038.65.  Now that the criminal case against him is over, Major League Baseball is beginning its own investigation that could result in serious consequences for the Cardinals.

TIPS

Although this story reads like fiction, perhaps the biggest lesson for all of us from this story is the danger of using the same password or slight variations thereof for all of your accounts, which unfortunately is a habit that many people have gotten into.  Hackers will often steal passwords of customers from companies when they commit a data breach and then use those passwords for identity theft purposes at banks, brokerage houses and other companies where the victim can suffer substantial financial losses.  The best course to follow is to have a difficult to crack password that is unique for every account.