One of the worst cyber security incidents of 2018 was when Strava, a popular fitness tracker, accidentally leaked the locations of top-secret military facilities in Syria and other conflict zones, also revealing soldiers’ locations in the process.
Strava published a Global Heat Map that used satellite information to show where Strava users exercised. The problem was the map also showed suspicious movement in certain areas of Iraq and Syria, indicating activity from Strava-wearing US military personnel.
Now, eight months after the fact, the Pentagon seems to be taking measures to prevent fitness tracker data leaks. Stopping short of banning the devices, the Defense Department took steps to advise military personnel to be very careful when sharing their data with fitness apps.
“These geolocation capabilities can expose personal information, locations, routines, and numbers of DOD personnel, and potentially create unintended security consequences and increased risk to the joint force and mission,” said a leaked Department of Defense memo obtained by the Associated Press.
The official guidelines suggest that location tracking is fine for troop exercises at home but should be very carefully considered in areas like Syria, Iraq, Afghanistan and other combat zones.