Senators question Pentagon over workforce's use of data-leaking fitness app Strava


Written by

A bipartisan group of senators wants the Defense Department to explain how a popular fitness app apparently used by some U.S. military personnel, intelligence analysts and Pentagon officials led to the disclosure of secret bases and facilities around the world.

Tom Cotton, R-Ark., and Richard Blumenthal, D-Conn., wrote a letter to Defense Secretary James Mattis, questioning the department’s policy for employees using wireless networks and devices on military sites after.

The app, Strava, inadvertently shared a heat map that recently detailed its users’ activities, prompting a DoD-wide review of personal electronics at its installations. The heat map revealed the locations of several secret U.S. military bases when the data was dumped in November. Patrick Shanahan, deputy secretary of Defense, was wearing a Fitbit watch up until last week, potentially exposing himself to this breach.

If Android users using the fitness app don’t enable the “nomap” feature — which disables a Wi-Fi network from being mapped — they risk sharing personal information and location.

Cotton and Blumenthal want to know if the Pentagon regularly uses “nomap” for its Wi-Fi networks so that Google cannot use them in location tracking and if the tech giant has ever advised the department to enable the feature.

“In an era of increasingly contested cyber domains, we could be unknowingly allowing our adversaries to map DoD networks for cyber intelligence, surveillance, and reconnaissance and operational preparation of the environment,” the pair wrote in the letter.

In November, Quartz revealed that Google collects Android users’ locations even if the user has their location setting disabled. Google could be tracking your every move through its product called Location History, commonly used to predict traffic and restaurant recommendations.

Strava is commonly used on smartphones and Fitbit watches to track how far a person has ran, bicycled or swam.  The aforementioned heat map was released in November to show where people were running but globally, people discovered a different use for it.

-In this Story-

data breaches, Department of Defense (DOD), government, Richard Blumenthal, tom cotton