Beijing Olympics App Could Expose Athletes’ Personal Data, Researchers Warn

Topline

An app that athletes, spectators and media attending the Beijing Olympic Games must download and use for daily Covid-19 monitoring has security flaws that could expose users’ personal information, cybersecurity researchers at the University of Toronto warned Tuesday.

Key Facts

The app My2022 has a “simple but devastating” flaw, which at times failed to encrypt user data, leaving personal information exposed, the report by Citizen Lab said.

Attendees of the Winter Games use the app to upload information such as passport details, travel plans and medical histories before they arrive in China, and have to continue using it during the event for daily Covid-19 monitoring.

The app could censor some 2,400 keywords related to politics, but the feature appeared to be inactive, the report said.

The app’s security issues most likely violate Google and Apple’s policies, the report said.

Google and Apple did not immediately respond to a Forbes request for comment.

The security flaws are “not particularly surprising” for apps running in China, as similar issues have been found in most of the popular Chinese Web browsers, the report said.

Key Background

This is not the first time concerns have been raised about cyber security at the Winter Games. Last week, the U.S. Olympic and Paralympic Committee advised athletes, coaches and staff to refrain from using their personal electronic devices during the event due to surveillance concerns. It recommended attendees use “burner” phones instead of their cell phones. Athletes in the Netherlands, U.K, Australia and Canada have received similar recommendations, USA Today reported.

Tangent

Surveillance cameras have been installed outside people’s doors and sometimes even inside people’s homes, CNN reported. There are at least 567 million surveillance cameras installed across China, CNN said. That is six times the number of cameras in the United States. 

Further Reading

Official Beijing 2022 Olympics Mobile App Is Marred by Security Flaws, Researchers Say (Wall Street Journal)

My2022: Beijing Olympics app vulnerable to data breaches, analysts warn (BBC)

Source: https://www.forbes.com/sites/lisakim/2022/01/18/beijing-olympics-app-could-expose-athletes-personal-data-researchers-warn/