2025’s NFL Draft Showed Why Cybersecurity is Important Everywhere

There are a few occasions that we get a very apparent example of how important basic cybersecurity is, regardless of where you are, and this year’s National Football League draft is one such example.

For those who don’t follow the NFL or the draft proceedings, multiple draftees received prank calls during the process, although one in particular is applicable to businesses of all kinds. Let’s examine this situation to reinforce a few critical cybersecurity best practices.

To begin, let’s discuss what happened and the ramifications these events have brought.

In Short, an iPad Was Left Unlocked

In order to preserve security, draftees don’t use their normal phones to communicate with recruiters. Instead, a fresh number is used, and these numbers are only provided to the teams participating in a given draft. One of these teams was the Atlanta Falcons, who distributed this contact information to their staff… including Jeff Ulbrich, their defensive coordinator.

This contact information was stored on Ulbrich’s iPad, which was left unlocked.

A few days before the draft began, Jeff Ulbrich’s 21-year-old son, Jax, was using this iPad and came across Shedeur Sanders’ draft contact phone number. The younger Ulbrich recorded this number, and on the second draft day, sat with a friend who called up Sanders and posed as Mickey Loomis, general manager of the New Orleans Saints. The friend told Sanders that the Saints wanted him as their next pick, only to tell Sanders he would have to wait a little longer, immediately hanging up.

For context, Sanders (the son of the famed NFL player Deion Sanders) was anticipated to be among the first 32 players selected, but wound up waiting until 143 other players had been drafted to various teams.

With video of the call emerging online, the younger Ulbrich has apologized for his involvement, but that has not prevented the National Football League from fining Jeff Ulbrich $100,000 and the Falcons organization $250,000.

Clearly, This is a Bad Situation for Everyone

Fines aside—and these are not fines to take lightly—the ripples of this issue are going to be far-reaching. 

The Falcons management will now have to consider how much they share with the elder Ulbrich, while they have decided not to take any action against their defensive coordinator. In addition, whether or not this call impacted Sanders’ ranking order, the salary difference between the first pick and pick 144 is $42.2 million over four years. Comparatively, Sanders’ image, name, and likeness gained him $5.1 million during his last college season.

Jax has since apologized via a social media post addressing Sanders directly.

What a Business Can Take Away from This Situation

There are a few lessons that can—and very much should—be learned.

The Principle of Least Privilege

The concept behind the principle of least privilege is to keep everything on a strictly need-to-know basis, which is something that the NFL did do. Sanders himself has expressed his surprise and confusion because of the phone number’s secrecy.

While not directly related, one of the best ways to keep business data secure is to treat it similarly and restrict access to only those who need it, and only as much as they need it.

Authentication is Important

As the iPad that Jax Ulbrich used to get the number was not password protected, it can almost be seen as lucky that it was only used to access a number for a prank. All devices (especially those used for work) should be locked down through stringent authentication measures to ensure that the data they hold remains private. If that iPad had been properly secured, this mess would not have happened.

Phishing Comes in All Shapes and Forms

It isn’t a stretch to see this situation as analogous to a phishing attack, as the only thing that really separates the two is the motive. As such, it serves as a great reminder to always try to confirm communications through a secondary source.

We’re Here to Help Your Business Avoid Similar Mistakes

While the stakes are undoubtedly different, you can’t afford to risk your business’ future by making these same errors. That’s where White Mountain IT Services can help. We’ll review your business and ensure it is properly secured against threats, helping keep an eye on things to keep them out.

Learn more about our modern cybersecurity services by calling (603) 889-0800.

White Mountain IT

Related Posts

Three Best Practices to Avoid Getting Hacked

Data breaches can cripple companies and can come from a lot of different directions. They can be the result of phishing attacks where your staff unwittingly gives hackers access to your business’ resources. It can come from a brute force attack where hackers use innovative tools to break into your network. It can even be the work of disgruntled employees who use their access to steal company data....

Ticketmaster Suffers Major Data Breach

The world’s largest ticket retailer is in hot water after their parent company, Live Nation Entertainment filed an 8-K filing with the Security and Exchange commission admitting that they had been hacked to the tune of 1.3 terabytes of information. That amounts to 560 million customers’ personal information that has been stolen from the company’s servers. Today, we take a look at the hack and what...

Did You Trade Your Data for a DVD Rental?

In June of this year, publisher Chicken Soup for the Soul Entertainment, best known for its book series of the same name, filed for Chapter 7 and Chapter 11 bankruptcy and had many of its assets liquidated. One of these assets was the movie rental service Redbox and its eponymous scarlet rental kiosks, rendering the service defunct. However, many kiosks remain standing outside businesses even now...

Tip of the Week: Three Steps to Policing Your IT Policies

Small businesses are presented with the challenging prospect of monitoring and policing various IT-related policies that you might have for your network infrastructure and workplace technology use. The difficulty of this notion does little to lessen its importance, however. You need to take action to protect your assets, data, and reputation from the countless threats out there, and ensuring that ...

Sound Familiar?

Here are some of the most common complaints we hear from businesses that aren’t satisfied with their IT vendor and want to switch to White Mountain.

There is a Better Way!

Give White Mountain IT a Call Today

BOOK A CALL

Nationwide Remote IT Services,

Without a Long Term Contract.

We provide services and support to businesses throughout the US. If we do not have an on-site resource in your area, we can manage a local vendor to provide on-site assistance if and when needed.

All our Managed Services are carried out by our dedicated team of full-time employees. These professionals have successfully cleared multiple security and background checks, ensuring the highest level of service and reliability for your business. 

Need an Onsite Visit?

We've Got You Covered!

Manchester N.H. Office:

121 Riverfront Drive
Manchester NH 03102

Nashua N.H. Office:

33 Main Street
Suite 302
Nashua NH 03064

Client Help Desk        603-889-2210

New Client Inquiries   603-889-0800

OPEN POSITIONS

Client Help Desk

603-889-2210

New Client Inquiries
   603-889-0800

© 2025 All Rights Reserved. Areas We Serve copy_right_image

Protected by Copyscape Plagiarism Checker – Do not copy content from this site.