Polar fitness app exposed locations, names and addresses of soldiers and spies

For the second time this year, a fitness app is to blame for revealing the locations of people working at military bases, intelligence agencies and other sensitive sites as well as pinpointing those users’ homes.

The fitness app Polar Flow allows users to share the GPS locations of where they are exploring – aka exercising; that’s supposedly a feature and not a flaw. Yet the API could be queried to reveal users’ fitness activities, their locations, their homes – as it is often where people would turn on and later off the tracking when beginning and ending a workout – and some additional sleuthing revealed even users’ names.

Read how reporters used the Explore API of the Polar fitness app to determine the GPS location data of sensitive locations as well as the names and addresses of soldiers and spies, on CSO.