In France, data on nuclear submarine patrols was leaked, as the crew of one of these boats accidentally disclosed patrol schedules and routes using the Strava fitness tracker.
According to Le Monde's investigation, more than 450 users of the app have been active on the Île Longue base in Brest Harbor (Finisterre) over the past 10 years, many of them using their real names and public profiles, which allowed journalists to identify specific individuals.
The Île Longue base is a key facility of the French nuclear fleet. It is home to four nuclear submarines. To ensure security, the territory is monitored around the clock using drones and constant patrols, and access to the base is strictly regulated. Cell phones are prohibited at the facility, and employees are required to leave them in special boxes at the entrance. However, a data leak did occur - through a smartwatch that was used to record activity in Strava.
| Reference: Strava is a mobile app and website for tracking sports activity, a popular running assistant and fitness tracker used by 100 million users worldwide. The program helps people track heart rate, activity data, GPS location, and much more. Service motto: "a social network for athletes". The most popular activities in the app are running and cycling. |
For example, a user named Paul recorded 16 workouts in January 2023. And on February 3 of the same year, his route ran along the docks where submarines are located. After that, he disappeared from the app for almost 2 months and returned only on March 25, 2023. Users Arthur and Charles had a similar time gap, indicating that they were on patrol. Paul justified his absence from Strava by reporting difficulties in returning to the sport after "two and a half months in a waste box," adding an emoji with bubbles and a diving mask 💦🤿.
Despite enhanced security measures and patrols, the information leak was made possible through the Strava fitness app, where employees record their runs. Analysis of user profiles showed that after regular training near the submarine docks, activity suddenly stops for several weeks. This time coincides with boat patrols.
See also: Video review of the Samsung Galaxy Fit3 fitness bracelet
Representatives of the French Navy admitted that the watch could have passed through the security system despite the ban. At the same time, they noted that such cases are associated with staff negligence, but do not pose critical risks to the base. However, as journalists note, the routes on Strava could allow foreign intelligence agencies to learn about the time when submarines are going to be at sea. This is especially true for training in the dock area, where access is restricted. Although the French navy claims that the security measures ensure safe patrolling, experts believe that complete protection can never be guaranteed. The Strava problem points to the need for stronger control over compliance with safety rules.
This is not the first time that user data has been disclosed through the Strava app. Earlier in 2024, Le Monde revealed serious security risks for Joe Biden, Donald Trump, and Kamala Harris. The movement of their bodyguards was tracked through the Strava app, which is used by bodyguards, including the US Secret Service.