FBI investigates Cardinals for hacking into Astros' database

The St. Louis Cardinals are being investigated by the FBI for allegedly hacking into networks and trying to steal information about the Houston Astros, The New York Times reported Tuesday.

Major League Baseball, the Cardinals and Astros all issued statements Tuesday saying they have cooperated fully with the investigation, which started last year after some information was posted anonymously online. The Astros and Cardinals said they would not comment further, as it's an ongoing federal investigation.

According to ESPN legal analyst Roger Cossack, the federal investigation is close to a conclusion.

The Times reported Tuesday that the FBI and Justice Department officials have evidence that Cardinals officials -- who were not identified -- allegedly tapped into the Astros' database and had access to statistics, scouting reports and internal discussions about players, trades and other proprietary information.

"Major League Baseball has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros' baseball operations database," the MLB statement said. "Once the investigative process has been completed by federal law enforcement officials, we will evaluate the next steps and will make decisions promptly."

Late Tuesday, the FBI office in Houston released a statement that neither confirmed nor denied the investigation, but added, "The FBI aggressively investigates all potential threats to public and private sector systems.

"Once our investigations are complete, we pursue all appropriate avenues to hold accountable those who pose a threat in cyberspace."

"Something is going on," Cardinals manager Mike Matheny told reporters before Tuesday's game. "We don't know how to react at all until we have more information, so we don't."

Baseball commissioner Rob Manfred indicated later Tuesday that MLB will not reach judgment until the investigation progresses further.

"I think until we know, this is different from when we might investigate, for example, a drug case where we're one of the investigators," Manfred said during a news conference at Fenway Park. "I have access to all the facts real time in a situation like that. That's just not the case here, and because I don't know exactly what the facts are and I don't think the person who wrote the Times story knows exactly what the facts are, that it really doesn't make sense for me to speculate as to how serious a problem I have.

"Soon enough, I think that we will have full information as to what went on. I think you can rest assured that we will act appropriately at that point in time. I think people should also not lose sight of the fact that in addition to what happened, there's the question of who did it, who knew about it, who was the organization responsible, the individual responsible -- there's a whole set of issues that are going to be needed to be sorted through."

Both the Cardinals and Major League Baseball have been served with subpoenas, the Times reported, but no actions have been taken against the officials under investigation.

Manfred acknowledged on several occasions that MLB has not experienced a situation like this one, saying that it is "a federal investigation, not a baseball investigation."

"All I'll say about our forensics people is they assist us in a variety of investigations that almost without exception, I think those investigations have related to violations of the [collective bargaining agreement]," he said. "We've not had anything of this type."

In June 2014, the Astros claimed to have been victims of hackers who accessed their servers and published months of internal trade talks on the Internet. It was then that the team began working with the FBI and Major League Baseball security in an effort to identify who was responsible for the breach.

Yahoo! Sports reported that one source familiar with the investigation said the FBI connected the breach to a house in Jupiter, Florida, the city in which the Cardinals conduct spring training. The house was used by a number of Cardinals employees, according to the report, so pinpointing the culprit of the breach is complicated.

According to the Times, the FBI believes that Cardinals officials gained access to the Astros' database by using a list of passwords associated with Astros general manager Jeff Luhnow dating to his tenure with the Cardinals from 2003 until he left for Houston after the 2011 season.

"I don't know if anybody can say for sure that any system is 100 percent secure, but we're working on it," Luhnow said last year when the team initially addressed the security breach. "We've done a security review and we're going to continue to do more. Obviously information is important in our industry as it is in any industry, and we want to do everything we can to protect the information."

The Astros rely heavily on sabermetrics in their evaluation of players and have been open about the fact that they use an online database to house their proprietary information. Luhnow isn't sure whether that's why they were targeted, but he knows they are far from the only team that stores data about players and trades online.

"One of the things I have been talking to my counterparts about with other clubs is recommending that everybody take a look at their own security systems and make sure they don't get hacked the way that we were," Luhnow said last year.

The U.S. attorney in St. Louis, Richard Callahan, told The Associated Press on Tuesday that he is unaware of the investigation. Messages seeking comment from FBI officials in St. Louis, Houston and Washington were not returned.

Meanwhile, Los Angeles Dodgers pitcher Brandon McCarthy took to Twitter on Tuesday to suggest his own form of punishment.

ESPNBoston.com's Gordon Edes and The Associated Press contributed to this report.