Polar fitness app exposed locations, names and addresses of soldiers and spies

For the second time this year, a fitness app is to blame for revealing the locations of people working at military bases, intelligence agencies and other sensitive sites as well as pinpointing those users’ homes.

The fitness app Polar Flow allows users to share the GPS locations of where they are exploring – aka exercising; that’s supposedly a feature and not a flaw. Yet the API could be queried to reveal users’ fitness activities, their locations, their homes – as it is often where people would turn on and later off the tracking when beginning and ending a workout – and some additional sleuthing revealed even users’ names.

Read how reporters used the Explore API of the Polar fitness app to determine the GPS location data of sensitive locations as well as the names and addresses of soldiers and spies, on CSO.

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief