Minnesota Man Charged With Hacking and Extortion of Major Sports Leagues

By Naveen Athrappully
Naveen Athrappully
Naveen Athrappully
October 30, 2021 Updated: October 31, 2021

Federal investigators have charged Joshua Streit, a Minnesota man, with illegally streaming sports games and attempting to extort approximately $150,000 from Major League Baseball.

According to a criminal complaint, Streit, 30, is accused of illegally hacking into the league’s streaming websites using login credentials from authorized users. The copyrighted content would then be showcased through a platform Streit operated for paying subscribers.

Content included that from the National Basketball Association, the National Football League, the National Hockey League, and MLB. This scheme was carried out from 2017 through to August 2021. One of the victim sports leagues has apparently sustained a loss to the tune of $3 million due to this activity, according to a news release.

Streit, who is also known as Joshua Brody, is facing federal charges for illegally penetrating into MLB’s internet infrastructure and then demanding money to keep quiet about the vulnerabilities.

“Instead of quitting while he was ahead, he allegedly decided to continue the game by extorting one of the leagues, threatening to expose the very vulnerability he used to hack them. Now instead of scoring a payday, Mr. Brody faces the possibility of a federal prison sentence as a penalty,” FBI Assistant Director Michael J. Driscoll said in an Oct. 28 DOJ press release.

If found guilty on all five criminal charges, which include hacking, wire fraud, illicit digital transmission, and sending interstate threats with the intent to extort, Streit faxes a maximum of 37 years behind bars.

According to court documents (pdf), the FBI was able to track down Streit when he used the same username, “inflx,” on both his streaming platform and on Reddit. Investigators got hold of his email address through the Reddit account, which led them to Streit’s personal blog where he posted research related to cybersecurity.

Investigators got hold of Streit’s home IP address after getting in touch with the local internet service provider. He lives in St. Louis Park, Minnesota.

The case is being handled by the Complex Frauds and Cybercrime Unit, and Assistant U.S. Attorney Dina McLeod is in charge of the prosecution.

October is annually celebrated as Cybersecurity Awareness Month. As part of efforts to keep the average computer user safe from online scams, thefts, and crimes, the FBI has requested following a few simple guidelines, at least as a starting point.

This includes updating software with the latest patches and using a secure antivirus program; examining email addresses when you receive them and being aware of slight misspellings in addresses and website links; never opening attachments unless you have thoroughly verified the sender’s details; confirming requests for online money transfers in person or over the phone as part of a two-step authentication process; using a password with upper and lower case characters, numbers, and symbols.