New military mess with Strava: a training session exposes the largest French aircraft carrier in real time

The relationship between sports and security is once again in the spotlight. Years after the heat map of Strava revealed military installations around the world, a new leak demonstrates the importance of properly configuring your account. 

Strava once again puts sensitive information at risk: a French aircraft carrier is exposed during deployment

The latest incident involves a member of the French navy stationed on the aircraft carrier Charles de Gaulle. During a training session on board, the serviceman recorded his activity with a GPS device connected to Strava and published it on a public profile.

The result was that the seemingly innocent route allowed for the precise location of the French naval group in the eastern Mediterranean to be identified, at a time of heightened geopolitical tension in the area.

Although the presence of the aircraft carrier in the region was already known, what changes the scenario is the level of detail. The recorded activity provided a near real-time location, something that can have clear strategic implications.

RECOMENDADO

A 2021 Canyon with a dropper post—what’s the story behind Shimano’s blue bikes?

30-minute roller sessions to improve

No time to train? Here's how you can keep improving on your bike

Understanding the RPE scale is key to training based on how you feel

Pogacar and the limits of the tire: Roubaix will determine how far one can go

How, when, and how much: the ultimate guide to carbohydrates for cyclists

This new case fits into a pattern that has been repeating for years. Strava, like other sports platforms, allows users to share workouts with extremely precise geolocation data. When this data is made public without restrictions, it can become a source of sensitive information.

It has happened before with military installations identified through the global activity map, security teams of political leaders exposing their routes, or military personnel sharing workouts in sensitive areas. This highlights the lack of control over data privacy for certain profiles.

Despite the fact that both platforms and official organizations have introduced improvements in privacy and warnings, the problem still largely depends on the user.

In this specific case, the activity did not violate any technical limitations of the application, but it did breach internal protocols of the military environment. In other words, the technology works as designed, and the failure lies in how it is used.

The solution is as simple as correctly configuring the privacy of activities or avoiding posting real-time data from sensitive locations.

However, the repetition of such incidents demonstrates that Strava, in addition to being a sports social network, is also an open window to information that, in some contexts, should remain closed.