The Strava fitness app ties into the handset’s GPS to let users map their runs, distances, and even trails. It has a feature called heatmap which provides a visualization of activities across the globe. Many users rely on this feature to find places to be active in their hometown or when they travel. However, it was reported recently that the feature may have inadvertently revealed locations of secret U.S. military bases. Strava has now said that it’s going to focus more security and will work with military officials to address potentially sensitive data.
The heatmap feature shows where all Strava users have run over a two-year period, their areas of activity are illuminated on the map. On closer inspection, the heatmap feature revealed locations in Iraq and Syria, it revealed the locations and outlines of known U.S. military bases and might have revealed some potential secret locations as well.
James Quarles, Strava CEO, wrote a letter to the community today that the company is taking this matter seriously. It’s working with military and government officials to address potentially sensitive data.
It’s also reviewing the feature to ensure that it can’t be compromised by bad actors. Strava’s engineering and user experience teams are also simplifying privacy and safety features to ensure that users are better informed at how they can control their own data.