2025’s NFL Draft Showed Why Cybersecurity is Important Everywhere

There are a few occasions that we get a very apparent example of how important basic cybersecurity is, regardless of where you are, and this year’s National Football League draft is one such example.

For those who don’t follow the NFL or the draft proceedings, multiple draftees received prank calls during the process, although one in particular is applicable to businesses of all kinds. Let’s examine this situation to reinforce a few critical cybersecurity best practices.

To begin, let’s discuss what happened and the ramifications these events have brought.

In Short, an iPad Was Left Unlocked

In order to preserve security, draftees don’t use their normal phones to communicate with recruiters. Instead, a fresh number is used, and these numbers are only provided to the teams participating in a given draft. One of these teams was the Atlanta Falcons, who distributed this contact information to their staff… including Jeff Ulbrich, their defensive coordinator.

This contact information was stored on Ulbrich’s iPad, which was left unlocked.

A few days before the draft began, Jeff Ulbrich’s 21-year-old son, Jax, was using this iPad and came across Shedeur Sanders’ draft contact phone number. The younger Ulbrich recorded this number, and on the second draft day, sat with a friend who called up Sanders and posed as Mickey Loomis, general manager of the New Orleans Saints. The friend told Sanders that the Saints wanted him as their next pick, only to tell Sanders he would have to wait a little longer, immediately hanging up.

For context, Sanders (the son of the famed NFL player Deion Sanders) was anticipated to be among the first 32 players selected, but wound up waiting until 143 other players had been drafted to various teams.

With video of the call emerging online, the younger Ulbrich has apologized for his involvement, but that has not prevented the National Football League from fining Jeff Ulbrich $100,000 and the Falcons organization $250,000.

Clearly, This is a Bad Situation for Everyone

Fines aside—and these are not fines to take lightly—the ripples of this issue are going to be far-reaching. 

The Falcons management will now have to consider how much they share with the elder Ulbrich, while they have decided not to take any action against their defensive coordinator. In addition, whether or not this call impacted Sanders’ ranking order, the salary difference between the first pick and pick 144 is $42.2 million over four years. Comparatively, Sanders’ image, name, and likeness gained him $5.1 million during his last college season.

Jax has since apologized via a social media post addressing Sanders directly.

What a Business Can Take Away from This Situation

There are a few lessons that can—and very much should—be learned.

The Principle of Least Privilege

The concept behind the principle of least privilege is to keep everything on a strictly need-to-know basis, which is something that the NFL did do. Sanders himself has expressed his surprise and confusion because of the phone number’s secrecy.

While not directly related, one of the best ways to keep business data secure is to treat it similarly and restrict access to only those who need it, and only as much as they need it.

Authentication is Important

As the iPad that Jax Ulbrich used to get the number was not password protected, it can almost be seen as lucky that it was only used to access a number for a prank. All devices (especially those used for work) should be locked down through stringent authentication measures to ensure that the data they hold remains private. If that iPad had been properly secured, this mess would not have happened.

Phishing Comes in All Shapes and Forms

It isn’t a stretch to see this situation as analogous to a phishing attack, as the only thing that really separates the two is the motive. As such, it serves as a great reminder to always try to confirm communications through a secondary source.

We’re Here to Help Your Business Avoid Similar Mistakes

While the stakes are undoubtedly different, you can’t afford to risk your business’ future by making these same errors. That’s where COMPANYNAME can help. We’ll review your business and ensure it is properly secured against threats, helping keep an eye on things to keep them out.

Learn more about our modern cybersecurity services by calling PHONENUMBER.

White Mountain IT

Related Posts

These IT Threats Can Ruin Your Business

Technology is a major part of today’s business. It’s fair to say anyone that works in business today is at least semi-proficient with the technology needed to complete their tasks. Unfortunately, for many people, however, the fact that their business requires complicated technology is problematic. This is because at any given moment there are people looking to undermine their job, seeking access t...

Knowing, and Planning For, Your Organization’s Compliance Burden

Despite what detractors say, regulations are in place for good reason. They typically protect individuals from organizational malfeasance. Many of these regulations are actual laws passed by a governing body and cover the entire spectrum of the issue, not just the data involved. The ones that have data protection regulations written into them mostly deal with the handling and protection of sensiti...

You Can Embrace Remote Operations Without Sacrificing Cybersecurity… It Just Needs to Be Done Right

Remote work has proven incredibly useful over the past few years despite many employers having various concerns about its implementation. While these concerns vary, one prevalent one is how remote operations impact cybersecurity. If you’re utilizing remote operations to any degree and aren’t concerned about cybersecurity, you must adjust this mindset and correct your approach. How Does Remote ...

Don’t Let Extortion Destroy Your Business

Here’s a challenge; go to any cybersecurity news website and see how far you can go before seeing an article about some new type of ransomware attack. It’s everywhere, and it’s scary, but that doesn’t mean your business has to cower in fear. With the right tools and resources at your disposal, you too can fight back against ransomware. Here’s how you can protect your business from ransomware and t...