After the New York Times initially broke the news on Tuesday that the FBI is investigating St. Louis Cardinals employees for hacking into the Houston Astros' proprietary database and stealing information, other media outlets including the Houston Chronicle began sniffing around the case. (Or maybe the Chronicle was sniffing around earlier but didn't have sources of the caliber of the Times.) Later in the day on Tuesday, the Chronicle followed in the wake of the Times article with a report that contained a few interesting nuggets. One was that the March 2014 breach, which appears to have emanated from a home around the Cardinals' spring training home of Jupiter, Florida, was not the only breach:
There were at least two separate breaches of the Astros' computer network, a source told the Chronicle. The database includes statistics, player evaluations and, at least up until last spring, logs of trade negotiations. Those logs were posted online and widely viewed at Deadspin last June, prompting an FBI investigation.
The Times reported that investigators said they uncovered evidence that Cardinals officials wrongfully gained access into the Astros' internal website in 2013. A second breach occurred in March of 2014, a source told the Chronicle.
On Thursday, the Chronicle reported on their Ultimate Astros blog that Cardinals personnel had breached the Astros' system a third time:
The Chronicle on Thursday learned that the Cardinals had unauthorized access to Astros information as early as 2012, a year earlier than was previously known.
The extent of the Cardinals’ reach inside the Astros’ organization isn’t yet fully known but was not limited to one or two occasions, a person familiar with the details of the investigation said. The source asked for anonymity because of the sensitive nature of the case.
The number of breaches keeps growing. It's unclear, based on the Chronicle post, whether the "unauthorized access to Astros information" included stealing any information. Nonetheless, it appears that, at the very least, St. Louis employees have been gaining unauthorized access to the Houston database for years.