Garmin military
Image source: Garmin

Strava data sparks fresh security concerns after naval location leak

Ivan Jovin 3 min read

A French naval officer has reportedly revealed the real time location of the aircraft carrier Charles de Gaulle after uploading a run recorded on deck to Strava. The incident is once again raising questions about how detailed fitness tracking data can expose far more than users expect.

It all centres on a simple idea. Someone goes for a run, records it on their watch, and uploads it to Strava. That activity includes GPS data, timestamps, and often a visible route map. In most cases, it is harmless. In the wrong setting, it is anything but.

How a simple run becomes sensitive data

The latest case involves a French naval officer aboard the aircraft carrier Charles de Gaulle. While the ship was operating in the eastern Mediterranean, the officer logged a short run on deck and uploaded it to Strava. The map shows a small loop, which makes sense for a run on a carrier, but it also includes precise GPS coordinates and a timestamp.

That is where things get interesting. Those coordinates effectively place the ship in a specific spot at a specific time. If you line that up with publicly available information about deployments, it fills in gaps that were not meant to be filled.

Strava data leak

The shape of the route adds another layer. It is not just any run. It is a tight, repetitive loop with no surrounding roads or landmarks. That makes it fairly obvious this is happening on a large vessel rather than on land. You do not need much imagination to figure out what kind of vessel it is.

There is no hacking involved here. The data is uploaded by the user, just like any other workout. In this case, it looks like the run that was shared without much thought about who might end up seeing it.

Even with privacy settings in place, things can still slip through. Followers might still have access. Segments can expose parts of the route. And once someone screenshots or shares the activity, it is out there.

That is the tricky bit. Strava is doing exactly what it is supposed to do. It tracks movement and shows it clearly. The problem is not the feature, it is where and when that feature is used.

This is not the first time

If this feels familiar, it should. Back in 2018, Strava’s global heatmap revealed activity patterns in remote regions. Those patterns ended up highlighting military bases that were otherwise hard to spot.

What has changed since then is not the core problem. It is the scale. There are now more devices, more users, and more detailed data being generated every day.

Modern wearables track with higher precision. They record more frequently. They sync faster. All of that increases the chance that something sensitive slips through.

Our takeaway

The uncomfortable truth is that most users do not think about sensitive information when they hit upload. They are focused on their workout, not on how that data might be interpreted.

Strava does offer privacy controls. You can hide start and end points. You can make activities private. You can restrict visibility to followers only. But those settings are not always used properly. And even when they are, edge cases still exist.

Subscribe to our monthly newsletter! Check out our YouTube channel.

And of course, you can follow Gadgets & Wearables on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Ivan Jovin

Ivan has been a tech journalist for over 12 years now, covering all kinds of technology issues. Based in the US - he is the guy who gets to dive deep into the latest wearable tech news.

Ivan Jovin has 2026 posts and counting. See all posts by Ivan Jovin

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.