MLB's Pressbox WiFi password scheme

The Houston Astros have a new information board for the press box. It includes the day's schedule, lineups, game notes, upcoming probables, and the pressbox wifi info:

Woops! That’s the SSID and password for the pressbox WiFi. The password would have taken 4-6 days to crack with offline password cracking, but it’s now 0 days considering it’s on the internet.


Media members need to be very careful what they’re communicating out, and teams need to be careful what they’re displaying for those media members to communicate out. I did inform the Astros about this and it appears they’ve removed the pressbox WiFi information from the TV display, per another journalist’s tweet that was taken at a different angle.

But I’ve seen the pressbox WiFi password somewhere before

Security tip: When being interviewed on TV, make sure passwords aren't written behind you - Graham Cluley

Interesting: not only does it appear that SSIDs are shared among MLB ball parks, it also appears they have a particular scheme for both the SSID and password that get updated yearly with only a one-character change. I don’t know that they use that same scheme for every ball park, but it’s in at least two stadiums and likely several more.

Is this a big deal?

It’s not a huge deal if MLB and the ball clubs have segmented the WiFi network from their internal network, which I would assume they do. Criminals are looking for the easiest way to make money, and this would be a risky, targeted attack on, for the most part, journalists that probably isn’t likely to be all that profitable. Still, the WiFi network is password protected for a reason and I don’t think MLB or journalists, for that matter, want unauthorized people getting into their systems.

 

Duh Website Security

I tried updating my password on www.familysecure.com, an Experian product, last night and got this awful message:

That's right, you cannot, I repeat cannot, use any sort of awful horrible special characters in your password. These are the guys that are supposed to be protecting my family's important information and I can't even set a strong password. But I guess a strong password doesn't really matter when they're SELLING their customer information to an identity theft ring anyways.