Beijing Olympics App 'My2022' has security flaws: Canadian cybersecurity group

Jan 18, 2022

Ottawa [Canada], January 18 : The Beijing Winter Olympics app, 'My2022' mandated for use by all Game attendees, contains security issues that might lead to data breaches, according to Canadian cybersecurity group Citizen Lab, which issued a warning on Tuesday, reported Sputnik.
"MY2022 ... has a simple but devastating flaw where encryption protecting users' voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users," the group said in its press release.
Furthermore, the cybersecurity group noted that the app is "straightforward" about the sorts of information it gathers from users.
"However, as the app collects a range of highly sensitive medical information, it is unclear with whom or which organization(s) it shares this information," the group added, reported the news agency.
In addition to this, the group said that the application also has features that allow its users to report "politically sensitive" content.
"The app also includes a censorship keyword list, which, while presently inactive, targets a variety of political topics including domestic issues such as Xinjiang and Tibet as well as references to Chinese government agencies," the group concluded.
Last week media outlets reported that the Netherlands, the United States and a number of other Western countries warned their athletes of cybersecurity concerns during the 2022 Winter Olympics in Beijing.
The concerned countries urged their athletes to use disposable phones, or to use virtual private networks (VPNs) and to delete all personal data from gadgets, reported the news agency.
Notably, the 2022 Winter Olympics will be held in Beijing from February 4 to February 20.