The original New York Times story on the St. Louis Cardinals hacking scandal gives a broad outline of what happened, but as it describes an investigation in process, it is disappointingly light on crucial details like who perpetrated the hacking, when they did it, why they did it, and how exactly it was done. We won’t know the full answers to any of those questions for some time, but Yahoo’s Jeff Passan began to fill in some of the details in a column about the mess.
According to Passan, the Astros were hacked from a house that Cardinals employees use in Jupiter, Fla., where they hold spring training:
One official familiar with the investigation told Yahoo Sports the FBI traced the breach back to a house in Jupiter, Fla., the city in which the Cardinals hold spring training. A number of Cardinals employees used the house, according to the official, perhaps complicating authorities’ ability to pinpoint the alleged culprits.
Passan’s report doesn’t say when the hack occurred, but the final entry from the original documents that ended up on Anonbin was dated March 18, 2014, right in the midst of spring training. Putting that information together with the location of the hack, it seems reasonable to assume that the hack took place sometime between March 18 and March 29, the day after the last Cardinals spring training game.
According to the NYT, investigators believe Cardinals personnel looked at the master list of passwords used by former vice president* Jeff Luhnow while he was with the team, and are “believed to have used those passwords to gain access to the Astros’ network.” But Passan’s source says the hack was a bit more complicated than that, though the source doesn’t describe how:
While the Astros’ security wasn’t strong, the source said, the breach involved more than taking old passwords from Houston general manager Jeff Luhnow’s days as Cardinals farm director and inputting them into a website.
Finally, Passan’s source says that not everything taken in the hack ended up being revealed:
The league worried about another data dump. “There was more out there,” the source said, that was not revealed publicly.
To refresh your memory, the data was leaked in two different batches: one with trade chatter surrounding the 2013 trade deadline, and another with trade chatter from the following offseason. In a statement at the time, Astros GM Jeff Luhnow claimed that some of the leaked data was fake, but (for obvious reasons) didn’t say anything about any other data that was out there.
Why not all of the data was leaked—Was it about the Cardinals? Would it have somehow implicated the hackers? Was it being sold or used for blackmail? Was it highly useful information that the Cardinals kept in-house?—is anybody’s guess right now, and it will be interesting to see if it ever becomes public.