Hacking in Sports

Targets for data theft go well beyond the businesses you might expect. Sure, hackers often go after customer account numbers at large financial firms, and they’ve made it clear that healthcare organizations and retailers are prime marks. However, these industries aren’t unique in their cyber security burden.

Any organization, agency or individual can be affected by malicious hacking. And one of the most interesting examples of hackers’ wider-ranging pursuits comes from the world of professional sports.

Recently, there have been a number of high-profile incidents of hacking in sports. One of the most notable examples was the 2015 breach of the Houston Astros’ databases, which led to a federal investigation of the St. Louis Cardinals. While this hack didn’t involve the high-volumes of personal information, the team’s proprietary information provided a compelling motive for a competitor’s malicious activity.

Further, pro sports privacy and security concerns extend beyond the teams and franchises, with individual players finding themselves victim to damaging data leaks, blackmail attempts and similar foul play.

Such is the highly publicized fate of NFL draft rookie Laremy Tunsil.

Roughly an hour before the 2016 NFL draft, an unknown hacker accessed Tunsil’s Twitter account, posting a picture of Tunsil taking a hit of marijuana through a gas mask. Largely as a result of this photo leak, Tunsil dropped from top-five-pick status, and was eventually being picked at number 13, which analysts estimate cost him $10 million.

Later that night, Tunsil’s Instagram account revealed more incriminating evidence: screenshots of text messages he sent to his college coaches indicating a monetary exchange, which is an illegal offense in college sports. The incident will likely result in fines for Ole Miss and a possible loss of scholarships to their program.

While they may not have the same type or volume of personal information as banks, healthcare organizations or retail chains, professional sports teams and athletes have plenty of digital assets that demand protection, and a compromise of this data can have serious consequences.

Though its certainly not unique to sports franchises, a major issue within the industry is a lack of awareness regarding network vulnerabilities, which makes them vulnerable to cyber threats. Not understanding the risks prevents sports teams and businesses alike from taking the necessary steps to keep malicious parties out — whether they’re anonymous hackers, competitors or even foreign spies. And throwing antivirus programs and packaged vulnerability scans at the problem is a dangerous game in today’s cyber environment.

A vulnerability assessment that examines your systems, as well as your cloud, mobile devices and third-party vendors is one of the first steps any organization can take to improve its security posture. Then, drawing from the assessment’s findings, risk mitigation procedures and even managed security services can help your organization keep malicious hackers away from your networks or information.

To learn more about how Gotham Security can help your organization understand its cyber risks and vulnerabilities, contact us today.