US military officials are investigating a possible security risk posed by an online heatmap that shows running routes used at top secret army bases in conflict zones around the world.
The Global Heat Map, published by GPS tracking company Strava, uses satellite information to map the movements of subscribers to its fitness service over a two-year period by lighting up areas of activity.
Strava says it has 27 million users around the world, including people who own widely available fitness devices, as well as people who directly subscribe to its mobile app.
The map is not live, but shows a pattern of accumulated activity between 2015 and September 2017.
The map shows a lot of activity in the US and Europe, but in war zones and deserts in countries such as Iraq and Syria the heat map becomes almost entirely dark – except for scattered evidence of activity.
A closer look at those areas may reveal the outlines of well-known US military bases, as well as other lesser-known and potentially sensitive sites – possibly because American soldiers and other personnel are using fitness trackers as they move around.
The Global Heat Map was posted online in November 2017, but the information it contains was only publicised recently.
The data could provide information to someone who wants to attack or ambush troops, the Washington Post reported.
Military officials are looking into the situation to determine how to respond.
“The Department of Defence (DoD) takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of DoD personnel at home and abroad,” spokeswoman Major Audricia Harris said.
Strava said in a statement that the heatmap gives an anonymised view of users’ activities and excludes those marked as private.
“We are committed to helping people better understand our settings to give them control over what they share,” it said and directed users to its privacy statement.