Polar fitness app revealed sensitive information of overseas soldiers

0
12

Not good.
Image: BOB AL-GREENE/MASHABLE

Who would have thought getting in shape could be so risky. 

Fitness apps help you track your runs, calories burned, and maybe even your heart rate. If you happen to be using a Polar device and its associated app, however, that information — in addition to small details like where you live — could end up in the wrong hands. 

Approximately six months after researchers revealed that so-called Strava heatmaps allowed for the identification of secret overseas military bases, a joint effort from the Dutch De Correspondent and the open source investigative site Bellingcat discovered that another fitness app was making all kinds of user data public that, if it got into the wrong hands, could do serious harm. 

Specifically, Bellingcat notes that Polar’s Polar Flow app “is revealing the homes and lives of people exercising in secretive locations, such as intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world.”

A big part of the problem appears to be that Polar allows users to view all the exercises of a particular individual if that person decided to share them publicly to Polar Flow’s Explore map. So, for example, you can see the routes of a person jogging near an airport in Iraq that happens to be near a military base and also that the person in question likes to go for runs in the Netherlands. And you can see where those runs start and stop. 

In a statement, the company stated it was suspending the Explore API but also denied there was any leak of information. 

“We recently learned that public location data shared by customers via the Explore feature in Flow could provide insight into potentially sensitive locations,” read the statement in part. “It is important to understand that Polar has not leaked any data, and there has been no breach of private data. Currently the vast majority of Polar customers maintain the default private profiles and private sessions data settings, and are not affected in any way by this case.” 

In other words, according to Polar, the “Airmen involved in the battle against the Islamic State” who Bellingcat researchers were able to identify and find their homes were the ones who messed up, not Polar. 

Keep that in mind the next time you head out for a run. Oh, maybe also remember that you might not be the only one following along. 

Read more here: http://mashable.com/

LEAVE A REPLY

Please enter your comment!
Please enter your name here