A recent investigation by a French newspaper Le Monde Fitness app Strava has revealed that it accidentally published the location information of prominent leaders including former President Donald Trump and Vice President Kamala Harris.
What did the investigation find?
In the study, published in French and English, some U.S. Secret Service officials looked at the apps commonly used by runners and cyclists to track and share routes, log their activities, and share their workouts with the community. It became clear that he was using Strava. Their use of the app unintentionally left a trail of digital breadcrumbs that could put protected individuals at risk.
Strava users from presidential security departments, including those protecting US President Joe Biden, Harris, Trump, French President Emmanuel Macron, and Russian President Vladimir Putin, were identified in the investigation.
for example, Le Monde tracked the Strava movements of Macron’s bodyguards and found that the French president spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was supposed to be private, but it was not listed on the president’s official itinerary.
In another example, Le Monde The newspaper said activity on the app by Biden’s security team preemptively revealed the hotel where he would stay in San Francisco for a key meeting with Chinese President Xi Jinping in 2023. . The newspaper said it was learned that Biden had jogged out of the hotel hours before his arrival. I tracked his route using Strava.
In addition, Le Monde He said the Strava profiles of the bodyguards of former first lady Melania Trump and current first lady Jill Biden could be tracked to determine their whereabouts.
Photo by TIMOTHY A. CLARY/AFP, Getty Images
What did the Secret Service say?
in a statement to Le Mondethe U.S. Secret Intelligence Service assured that their protocols limit the use of devices while on duty. However, it said there were no major security breaches and added that use outside of working hours is not prohibited.
Following the report, the agency promised to review the matter and provide additional guidance to its staff.
“Affected staff have been notified,” it said. “We will review this information and determine whether additional training or guidance is required.”
“We do not assess that there was any impact on protection activities or threat to protected persons,” it added. Locations “will be published periodically as part of the public release of schedules.”
How many agents are using the app?
Le Monde They announced that they had identified 26 US personnel, 12 members of France’s GSPR (Security Group of the President of the Republic), and six members of Russia’s FSO (Federal Protection Service). All were responsible for the president’s security, and they had public accounts. That’s why Strava communicated their movements online, including while traveling for work.
but, Le Monde The name of the bodyguard was not disclosed for security reasons.
Impact of the study
The study highlights potential security flaws stemming from traceable Strava data, particularly when security personnel tasked with pre-arranging travel later report that global leaders are on high-stakes This is especially true when sensitive locations such as hotels where meetings are convened are inadvertently exposed.
The report also noted that when bodyguards use their full names on Strava, additional sensitive information, such as personal addresses and family information, is exposed and could be used for malicious purposes.
However, in response, Macron’s office said on Monday that the impact of the reported issue was as follows: Le Monde “It is very minor and in no way affects the security of the President of the Republic,” he added, adding that local authorities are aware of Mr Macron’s movements in advance and that the places where he is staying are always completely protected. It added that it was safe. exist. ”
“Nonetheless, the chief of staff has issued a warning to staff not to use the app,” Macron’s office added.
Ibrahim Bigili, a cybersecurity professor at Louisiana State University, said the incident highlights the growing need for stronger regulation of fitness apps and the use of consumer data. Biggili’s research warns of the potential for misuse of fitness data, which could increase the risk of stalking, theft, or worse. He noted that consumers often unknowingly give companies permission to misuse their data.
“Companies love our data and we love our product, so we give it away for free,” he told The Associated Press. “The government needs to start seriously cracking down on how data is used and how long it is stored.”
This article includes reporting from The Associated Press.
