The Polar Flow fitness app provides an overview of your training activities. In addition to the calories and speed consumed, the route traveled is also shown if the user with GPS has sported .
Now it appears that everyone can see where users have played. The Correspondent and research group Bellingcat have discovered this. The addresses of users can be found via the Polar website. This is because many users have filled in the place of residence and name on the website. The activities can be seen on the Polar maps. Since the training often starts from the home address, this can easily be retrieved.
Similarly, military addresses and secret service personnel could also be seen around the world. Workers from the American intelligence service NSA, the Dutch MIVD and the Russian intelligence service GRU did not escape sight. The Correspondent found 6460 users from 69 different nationalities in 208 locations.
The maps on which the data of all users can be seen have now been taken offline by Polar. However, Polar does make a qualification by emphasizing that it is not a data breach. The user chooses to share the sports activities himself. Polar is currently looking for a solution to prevent sensitive data from the map from being visible.
Ministry of Defense
The Ministry of Defense has now blocked several sports apps on work telephones. Employees are also informed about the potential risks of these sports apps when it comes to privacy and security. Defense is going to launch a campaign to warn military and civilian employees and generate awareness.
This is not the first issue surrounding privacy of soldiers with training data. Earlier this year, it was Strava who gave headaches about privacy . Via thermo maps, routes and positions of soldiers could be traced. Which app is next?