Polar Flow fitness app exposed locations of spies and military personnel

“A popular fitness app that tracks the activity data on millions of users has inadvertently revealed the locations of personnel working at military bases and intelligence services,” Zack Whittaker writes for ZDNet. “The app, Polar Flow, built by its eponymous company Polar, a Finnish-based fitness tracking giant with offices in New York, allowed anyone to access a user’s fitness activities over several years — simply by modifying the browser’s web address.”

“For most users who set their activity tracking records to public, posting their workouts on Polar’s so-called Explore map is a feature and not a privacy issue. But even with profiles set to private, a user’s fitness activity can reveal where a person lives,” Whittaker writes. “An exposed location of anyone working at a government or military installation can quickly become a national security risk.”

“It’s the second time this year a fitness app has sparked controversy by revealing the locations of personnel at sensitive installations. Strava changed its privacy settings after word quickly spread that the fitness trackers used by military personnel were exposing the classified routes between bases on the battlefield, making it easy to launch attacks,” Whittaker writes. “Much of the controversy was because the companies put the onus of privacy on the user, but many are not aware their information is searchable, let alone accessible by anybody.”

Read more in the full article here.

MacDailyNews Take: Once again: “Ah, ‘privacy’ in ‘modern’ times. Ain’t it grand?”

U.S. voters’ data exposed by robocall firm; each record contained name, address, and political affiliation – July 18, 2018

[Thanks to MacDailyNews Readers “Fred Mertz” and “Road Warrior” for the heads up.]


  1. Yahoo, first “Thanks” I’ve got in a very long time and a first post. Only cause the folks of the MDN community are so great.

    Anyway on topic, if this keeps up agencies might be asking, heck begging companies not to put back doors into their services whatsoever, as the pendulum swings.

    Privacy won’t mean much until someone really abuses it.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.