Skip navigation
Sign up to follow your favorites on all your devices.
Sign up

Top 25 Baseball Stories of the Decade — No. 17: Cardinals employee hacks the Astros’ database

Correa Cardinals Hacking

We’re a few short days away from the dawn of the 2020s. So, instead of counting down the Top 25 stories of the year, we’re taking a look at the top 25 baseball stories of the past decade.

Some of them took place on the field, some of them off the field and some of them were more akin to tabloid drama. No matter where the story broke, however, these were the stories baseball fans were talking about most over the past ten years.

Next up: number 17: Cardinals Employee Hacks the Astros’ Database

There have been a lot of baseball movies. Part of that is because of baseball’s historic popularity. Part of it, though, is that baseball lends itself pretty well to a lot of different modes of storytelling. You can use baseball to tell a dramatic story. One with a lot of action. Certainly a comedy. And you even make a baseball romance.

Until 2014 or so, however, it would’ve been hard to imagine a baseball espionage story, but the St. Louis Cardinals and Houston Astros gave us one.

When Jeff Luhnow was hired to be the Houston Astros’ general manager he and his staff set to transforming the club’s analytics department. Part of that process was setting up a database and communications system in which all baseball operations information -- scouting reports, prospect development plans, trade discussions, you name it -- could be shared across the organization. They were not the first team to have such a system. The Cleveland Indians had one called “DiamondView” which most consider to be the first effort at such a beast. The Boston Red Sox built one too, nicknamed “Carmine.” And, of course, the St. Louis Cardinals -- the team for whom Luhnow had worked previously and which gave him the idea for Houston’s database -- had one as well, called “Red Bird Dog.” The name the Astros gave their system was “Ground Control.”

Luhnow and the Astros considered it the best system in the game. It apparently did not have the best security, however, because in 2014, it got hacked, and much of the stolen data was posted online. Released to the public were internal discussions about a possible trade for Giancarlo Stanton that year, notes about their trade of Bud Norris to the Baltimore Orioles in 2013, and discussions between the Astros and Yankees during spring training 2014 in which the Yankees offered Ichiro Suzuki to Houston.

Here, for example, is what the notes about the Norris trade looked like:

“7/29/2013″,” SF said they wouldn’t include Mejia on top of Blackburn.”
“7/29/2013″,” SF said they still had interest in Norris. JL said they would have to include both Blackburn and Mejia to be competitive.”
“7/29/2013″,” AA texted JL and asked what a package around Stroman might look like. JL said Stoman + Gose would be in consideration.”
“7/29/2013″,” BC texted JL and said they couldn’t include Boegarts [sic], Cecchini, Webster, or Bradley but thought they had enough depth to still make an appealing package. JL wrote back and asked if they would consider a package around Barnes and Owens.”

On the one hand, it was kind of cute that the Astros were asking for a package including Xander Bogaerts for Bud freakin’ Norris of all people. On the other hand, let us not pretend that we have much of a clue how most trade discussions go. You don’t get the sky if you don’t ask for the stars, right? Via the hack of Ground Control, the public got some insight into it all. It was definitely the kind of thing the Astros didn’t want out in the open.

But no matter how interesting it was, it was also pretty clear that whoever hacked into the Astros’ database was probably gonna get in big trouble. The FBI, after all, takes this kind of stuff seriously, and they began an investigation. As it progressed it was reported that, rather than some random hackers, the focus of the investigation was on another baseball team being at the heart of the electronic incursion. In early 2016 the FBI arrested Chris Correa, the scouting director of the Cardinals.

Correa was a former colleague of Luhnow and Sig Mejdal, once a fellow analyst with the Cardinals, then Luhnow’s righthand man in Houston. When the two of them moved on to the Astros Correa believed that they took Cardinals’ proprietary information with him. Or, at the very least, that’s what he’d tell the judge and some reporters after he was caught. Correa claimed that he was accessing the Astros’ system to find evidence of Luhnow and Mejdal’s alleged wrongdoing. And, he said, it was easy: he simply used Mejdal’s old Cardinals’ password on the Astros’ system and, hey, hey, hey, whaddayaknow, it worked! No word if it was “1-2-3-4" or if he used the same combination on his luggage.

Investigators later alleged that Correa had accessed the Astros’ database at least 48 times, but he probably did it much more than that. He obtained the Astros’ draft rankings, their scouting reports and notes on their trade discussions, sometimes staying online and in their system for two hours at a time. He then leaked some of it to Deadspin -- that stuff that came out in 2014 -- probably in an effort to embarrass the Astros somehow. He usually endeavored to digitally mask his activities, but apparently did not do so well enough, or else he wouldn’t have been arrested.

Whether Correa’s stated justification for the hacking -- that he was trying to prove that the Astros had taken the Cardinals’ information -- was true or not, it was of no of legal consequence. “They did it too!” is not a justification for a grade school kid who gets caught throwing spitballs at the blackboard and, as the sentencing judge said when he sent Correa to prison for 46 months, it was no justification here. Either way, Correa, who has since been released, has never said what his alleged evidence against the Astros actually was.

As Correa sat in prison Major League Baseball Commissioner Rob Manfred leveled additional penalties. While noting that all evidence in both the federal investigation and MLB’s own investigation suggested that Correa acted alone, Manfred held the Cardinals institutionally responsible for the hacking as well. He fined St. Louis $2 million and ordered the Cards to surrender two 2017 draft picks to the Astros. For what it’s worth, the Astros took pitcher Corbin Martin, who just missed the entire 2019 season due to Tommy John surgery and was recently traded to the Diamondbacks, and outfielder J.J. Matijevic, who just represented the Astros in the Arizona Fall League, with the forfeited picks.

Manfred’s penalties served as the final official word on the hacking scandal. But as time has gone on -- and as other events have transpired -- the episode would seem to have some continuing relevance. At least it does to me.

In October 2018, as Correa’s time in prison came to an end, he spoke at length about his crimes with Ben Reiter of Sports Illustrated. It was a great story at the time, but subsequent events have given it some unexpected resonance. Read this passage, for example, and ask yourself if anything sticks out now in ways that it might not have a year ago:

While he knew what he was doing wasn’t right, he never thought that it could be a crime. “It was all in the context of a game, to me,” he says. “When a pitcher throws at a batter’s chest, nobody runs to the local authorities and tries to file an assault charge. I’m not making excuses. I’m trying to explain where my head was at, as I now understand it. If another team does something wrong, you retaliate. That’s the lens through which I mistakenly viewed it . . .

. . . When the Astros’ internal trade talk notes appeared on the website Deadspin in June 2014—a leak the feds later attributed to Correa, who perhaps intended to embarrass his old colleagues—and Correa read that the FBI had become involved, he still didn’t view what he had done as more than high-tech sign stealing, certainly not a crime . . .

As Major League Baseball investigates another scandal involving the Astros, I can’t help but wonder about what informs the ethics and actions of major league front office employees. Obviously the sign-stealing thing does not come close to the level of criminal activity -- I’m not trying to draw any moral equivalencies here -- but it strikes me that there is a common thread tied up in the notion that, at least to some in the game, the ethics of athletic competition extend beyond the athletes on the field and into organizations as a whole.

If a pitcher can throw a purpose pitch in retaliation, why can’t a scouting director? If a runner on second base can look at the opposing catcher, steal a sign and flash it to the batter, why can’t some team employees set up cameras and communications systems to do it even better? What other things are being done by baseball front office employees, even today, that are motivated by competitive justifications that, while totally acceptable on the field of play, wouldn’t -- or shouldn’t -- wash when done by someone working behind a desk?


No. 18: Frank and Jamie McCourt Bankrupt the Dodgers
No. 19: Baseball Embraces Gambling
No. 20: The Hall of Fame Logjam
No. 21: The Bat-flippers Win the Battle Over the Unwritten Rules
No. 22: Astros switch leagues
No. 23: The Strasburg Shutdown
No. 24: Chicken and Beer
No. 25: All-Star Game no longer counts
Honorable mention: Astros Sign Stealing Scandal

Follow @craigcalcaterra