Yesterday, reports surfaced that a heat map released by fitness app company Strava showed the locations of US and other countries' military. While most of the locations spotted, including Afghanistan and Syria, are known to host US military bases, it still highlights the fact that information the Department of Defense would prefer remain under wraps could find its way out into the open. It also demonstrates that fitness apps could pose a security threat if location information isn't correctly handled. Now, Reuters reports, US Defense Secretary Jim Mattis has ordered a review of the situation.
Strava released their global heatmap. 13 trillion GPS points from their users (turning off data sharing is an option). https://t.co/hA6jcxfBQI ... It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable pic.twitter.com/rBgGnOzasq— Nathan Ruser (@Nrg8000) January 27, 2018
In a statement, the Pentagon said, "We take matters like these very seriously and are reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of DOD personnel at home and abroad." Colonel Robert Manning said during a news briefing today that to his knowledge, no US bases had been compromised by Strava's Heat Map.
In the past, the US military has questioned the use of both Kaspersky software and DJI drones with some believing they pose security threats. It's no surprise that the military would want to look into how its personnel use a fitness app that can collect and broadcast its users locations.