(Reuters) -A Chinese smartphone application that monitors the health of athletes at the Beijing Winter Olympics has security vulnerabilities. According to a https:// report by Canadian researchers, the app is vulnerable to hackers and privacy breaches.

Beijing Organising Committee created the MY2022 App primarily to share COVID-19-related information with athletes during the Games.

Citizen Lab Toronto research found MY2022 had failed to adequately encrypt data transfer, which made it susceptible to hackers. The privacy policies of MY2022 did not indicate which organizations it would share users’ data with.

International Olympic Committee (IOC), stated that it conducted independent assessments of the application, and found no “critical vulnerabilities”.

The IOC stated in a statement that “it is not mandatory to install My 2022′ onto cell phones.”

Yu Hong (director general, technology section of the committee) stated on Wednesday that its main purpose is to monitor the health of people and that strict data security rules are followed.

At a briefing organized by the Chinese Embassy in America, Beijing 2022 said that all of the technology elements for the MY2022 App have been verified by appropriate app stores. Her remarks were made via video link from Beijing.

Yu said also that technological vulnerabilities were part of the process when creating this app. She explained that her department kept it updated to fix such problems.

Citizen Lab analysts claimed they were able to find the vulnerabilities in iOS after creating an account. Although they were not able to create an account for the Android version, the researchers said that the security holes existed in both MY2022 versions.

MY2022 was found to have failed to issue SSL certificates. SSL certificates can be used to authenticate website identities and allow for encrypted connections. Hackers could exploit this to send the data to malicious websites.

Non-encrypted data is transmitted to “tmail.beijing2022.cn” by MY2022.

According to the report, “Such data is easily accessed by passive eavesdroppers such as anyone in reach of an unsecured WiFi connection point, somebody operating a WiFi hotspot, an Internet Service Provider and other telecommunications companies.”

Citizen Lab claimed that it had notified the Beijing Winter Olympics Organising Committee Dec. 3 about its security concerns, but was not able to receive any reply.

February 4th will see the Winter Olympics begin. Over concerns regarding China’s human rights, several countries have boycotted the Games, including Australia and Japan.