Cyberhack Disaster at U.S. Center for Safe Sport Further Exposes the Group’s Overall Unprofessionalism and Diversionary Agenda

by Irvin Muchnick

Two months ago, Katie Strang of The Athletic broke the story of a serious data breach at the U.S. Center for Safe Sport, the new U.S. Olympic Committee agency supposedly adjudicating and reckoning for both historical and contemporaneous sexual abuse complaints. Strang’s good reporting is behind a paywall at https://theathletic.com/2122148/2020/10/07/u-s-center-for-safesport-server-hacked-sensitive-documents-potentially-exposed/.

Sources inside Safe Sport offices in Denver have given Concussion Inc. some new details, which I’ll proceed to share here. Obviously, the way this hack has exposed the personal information of accusers, plus details of their complaints sometimes involving third-party sources, is serious enough in itself.

In my analysis, the even bigger story is the fundamentally cavalier, public relations-first approach to safe sport — or, excuse me, SafeSport™ — under founding, deer-in-the-headlights chief executive Shellie Pfhol and her successor and current CEO, Ju’Riese Colón.

And just to get some housekeeping out of the way upfront, no, I didn’t waste time and bandwidth soliciting Safe Sport’s comment for this story. That’s because, in the past, Pfhol never responded to our inquiries. Moreover, the center’s Virginia-based communications guru, Dan Hill, is a con man. It’s telling enough that Safe Sport, whose intake and complaint resolution staff is woefully underresourced, has managed a line item in its budget for a PR flack. Hill claims he is working pro bono, but is there any reason to believe him? He refuses to release his contract with the organization.

My personal experience with Hill is another reason to tag him as a con man. Months after our sole telephone conversation, conducted on his cell phone outside the office, he fabricated its content and claimed that his office underlings heard the whole thing on speakerphone. Hill and a mixed martial arts fighter he manages, Heather Hardy, also have trolled Safe Sport complainant Sarah Ehekircher on social media; Hardy spiced the trolling with abusive language.

Back to the cyberhack and what those inside Safe Sport are saying about it. According to the center’s recent data, approximately 6,500 allegations of safe sport violations have been filed to date, and sanctions have resulted in the banning of around 300 coaches. The vast majority of cases remain untouched, and in the triage, barely or not at all even acknowledged.

One such case is the 2018 complaint against rapist former Irish Olympic swimming coach George Gibney, whom I call the most notorious at-large sex criminal in the history of global sports. The complaint was filed by now-retired Irish legislator Maureen O’Sullivan as part of a two-continent campaign to bring Gibney to justice and to hold accountable those who have enabled him across several decades.

In light of the recently concluded British Broadcasting Corporation podcast series Where Is George Gibney?, we now have even more ammunition for the U.S. Safe Sport jurisdiction (as well as for still feasible prosecution by the Hillsborough County state attorney in Florida. It was long known that Gibney raped and impregnated a 17-year-old Irish swimmer during a 1991 training trip by his team at the time, the Trojans out of Newpark Comprehensive School in Blackrock, County Dublin. The BBC podcast brought forward a second Gibney abuse victim in Tampa.

Additionally (in a factoid inexplicably left out of the podcast), Gibney coached for a USA Swimming club, North Jeffco in suburban Denver, shortly after he fled Ireland on a diversity lottery visa. That job was likely lined up by the American Swimming Coaches Association. So there is a double-barrel basis for jurisdiction in a U.S. Olympic movement investigation of Gibney.

According to our sources, the vulnerability of Safe Sport’s database was actually revealed as far back as the spring. One employee noted sourly that CEO Colón never informed Congress, and notified law enforcement only in the fall, with the utmost reluctance.

“The server,” a source told us, “was located in the kitchen of the headquarters. “Safe Sport never even hired an IT professional until the very week of the cyberattack.”

There is much more to say about the sorry state of the U.S. Center on Safe Sport, and we’ll be getting to it soon. The real power there is not the hapless Colón, but the recently installed general counsel, Heather O’Brien, a former small claims court judge in Florida who, an office source said, has taken to “intimidating and firing anyone who stood in her way.”

O’Brien’s predecessor, the dubiously credentialed Michael Henry, was the center’s highest-paid employee when he was terminated following an internal investigation. The list of Henry’s transgressions is too lengthy for this article. The one with which I am most familiar is the incident in which he tricked abuse complainant Ehekircher into doing a sitdown interview on audiotape and without her lawyer present, and under the guise that Henry himself was not the group’s director of legal affairs but just a lay office note-taker.

PREVIOUSLY: