Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

Beijing’s Winter Olympics app found to have significant data flaws

Analysts find China’s MY2022 app may not protect sensitive data input by users

Add bookmark
Beth Maundrill
Beth Maundrill
01/19/2022
Beijing’s Winter Olympics app found to have significant data flaws

An app mandated for use by all attendees of the 2022 Winter Olympic Games in Beijing between 4 and 20 February 2022 has been found to have a significant flaw which leaves much of the sensitive data input into the app vulnerable.

Cyber security group the Citizen Lab said in an article published on 18 January 2022 that the flaw means in the MY2022 app “encryption protecting users’ voice audio and file transfers can be trivially sidestepped”.

The types of data being input into the app includes passport details, demographic information, and medical and travel history which Citizen Lab says is vulnerable.

The group adds that server responses can also be spoofed, allowing an attacker to display fake instructions to users.

While the information collected is made clear by the app, what is unclear is who this information is shared with according to the analysts. The analysis found that MY2022 fails to validate SSL certificates, therefore failing to validate whom it is sending sensitive, encrypted date to.

The Citizen Lab has highlighted that the app’s security deficits may not only violate Google’s Unwanted Software Policy and Apple’s App Store guidelines but also China’s own laws and national standards pertaining to privacy protection, providing potential avenues for future redress.

Censorship

China’s government is well known for censorship of online media within its borders and MY2022 is no exception.

The app includes features that allow users to report politically sensitive content and includes a censorship keyword list, which Citizen Lab says is inactive at the time of writing but targets a variety of political topics including domestic issues such as Xinjiang and Tibet, and references to Chinese government agencies.

The Citizen Lab said: “Our findings analyzing MY2022, while concerning, are not particularly surprising for apps operating in China and sometimes apps developed by Chinese companies.”

Tags: Data protection app censorship encryption Beijing Olympics MY2022 Citizen Lab

Upcoming Events

16th Automotive Cybersecurity Summit 2026

March 18 - 19, 2026

Sheraton Ann Arbor Hotel, Ann Arbor, Michigan

Register Now View Agenda View Event
16th Automotive Cybersecurity Summit 2026

Digital Identity Week

1st - 2nd September 2026

Sydney, Australia

Register Now View Agenda View Event
Digital Identity Week

Latest Webinars

From Dependencies to Defences: Navigating Software Supply Chain Security

2025-09-24

11:00 AM - 12:00 PM SGT

Learn how to defend your software supply chain from dependency threats and build resilient security...

From Dependencies to Defences: Navigating Software Supply Chain Security

Unpacking global regulatory frameworks to enhance third-party operational resilience

2024-11-14

11:00 AM - 12:00 PM EST

Join this webinar to explore the resilience-focused requirements of DORA, NIS2 and other global regu...

Unpacking global regulatory frameworks to enhance third-party operational resilience

Preventing financial and reputational risk with process intelligence

2024-05-23

11:00 AM - 12:00 PM EDT

Learn how to manage risk stemming from poorly controlled processes in a collaborative way

Preventing financial and reputational risk with process intelligence

Recommended

info@cshub.com/r/n

We hope you enjoy All Access from CS Hub!!<\/p>\r\n<p>Best Regards,<\/p>\r\n<p><a href=https://www.cshub.com/"https:////www.cshub.com///" target=\"_blank\">CS Hub Team<\/a><\/p>\r\n<p>P.S. Be sure to check out our other upcoming <a href=https://www.cshub.com/"https:////www.cshub.com//events?filter_format=ONLINE\%22 target=\"_blank\">All Access events here<\/a>.<\/p>\r\n<p>--------------------------------<\/p>\r\nConnect with us on Social Media: <a href=https://www.cshub.com/"https:////www.linkedin.com//groups//12067996///" target=\"_blank\">LinkedIn<\/a> | <a href=https://www.cshub.com/"https:////twitter.com//CSHubUSA/" target=\"_blank\">Twitter<\/a><\/p>\r\n<p>--------------------------------<\/p>\r\n<p>FAQS<\/p>\r\n<p><b>Can I invite my colleagues?<\/b><br>Yes of course! Please send them this link so they can register for free! [WebUrl]<\/p>\r\n\r\n<p><b>How do I access the sessions?<\/b><br>\r\nAll Access is run on Zoom Events. You should receive an email shortly from Zoom Events with your unique All Access link to the event lobby. Please hold on to that email ahead of the event. We\u2019ll also send you a reminder 24 hours before we go live!<\/p>\r\n\r\n<p><b>Will the agenda be updated?<\/b><br>\r\nYes, the agenda will be continuously updated on the website with the latest sessions & speakers. As we get closer to the event, also look out for our weekly updates which will also include the latest updates information and link to access the event.<\/p>\r\n<p><b>Can I access the sessions On Demand?<\/b><br>\r\nEvery session will be available after the event via the event lobby. We\u2019ll also send you a reminder about the On Demand sessions which will be sent to you after the event is over.<\/p>\r\n<p>--------------------------------<\/p>\r\n<p>RELATED RESOURCES TO READ BEFORE YOUR EVENT<\/p>\r\n<ul>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//executive-decisions//reports//cs-hub-mid-year-market-report-2022?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CS Hub Mid-Year Market Report 2022<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//ciso-strategies-for-proactive-threat-prevention?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CISO strategies for proactive threat prevention<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//how-to-strengthen-email-security-and-protection-against-advanced-ransomware-attacks?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">How to strengthen email security and protection against advanced ransomware attacks<\/a><\/li>\r\n<\/ul>","event_registration_srs_confirmation_email":null,"assets_from_cdn":true},"bant_disabled":0,"sponsorship_disclaimer":null,"sponsorship_disclaimer_text":null,"sponsorship_disclaimer_checkbox_disabled":0,"ext_treat_id":null,"recording_url":null,"file_attachment":null,"ingo_enabled":null,"ingo_activator_id":null,"ingo_autofiller_id":null,"ingo_amplifier_id":null,"ingo_authorizer_id":null,"restricted_content":0,"featured_events_embedded":[],"featured_content_embedded":[],"featured_content_portal_embedded":null}" >

FIND CONTENT BY TYPE

News Case Studies Interviews White Papers Videos

Cyber Security Hub COMMUNITY

About Us Power10 Contact Us Advertise with us Cookie Policy User Agreement Become a Contributor All Access from CS Hub Become a Member Today Media Partners

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Cyber Security Hub, a division of IQPC

© 2026 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC | Contact Us | About Us | Cookie Policy