A map showing paths taken by users of an exercise tracking app reveals potentially sensitive information about American and allied military personnel in places including Afghanistan, Iraq and Syria.
While some bases are well known to groups that want to attack them, the map also shows what appear to be routes taken by forces moving outside of bases — information that could be used in planning bombings or ambushes.
The map, made by Strava Labs, shows the movements of its app users around the world, indicating the intensity of travel along a given path — a “direct visualization of Strava’s global network of athletes,” it says.
Routes are highlighted over large parts of some countries, but in others, specific locations stand out.
The map of Iraq is largely dark, indicating limited use of the Strava app, but a series of well-known military bases where American and allied forces have been deployed as part of their war against the Islamic State (IS) group are highlighted in detail.
These include Taji north of Baghdad, Qayyarah south of Mosul and Al-Asad in Anbar Province.
Smaller sites also appear on the map in northern and western Iraq, indicating the presence of other, lesser-known installations.
Stretches of road are also highlighted, indicating that Strava users kept their devices on while traveling, potentially providing details about commonly-taken routes.
In Afghanistan, Bagram Airfield north of Kabul is a hive of activity, as are several locations in the country’s south and west.
– Opting out an option –
Tobias Schneider, a security analyst who was among the group of people who highlighted the military bases shown on the map, noted that it shows military sites in Syria and Iraq as well as the Madama base used by French forces in Niger.
“In Syria, known Coalition (i.e. US) bases light up the night. Some light markers over known Russian positions, no notable coloring for Iranian bases,” Schneider wrote on Twitter.
US troops are deployed in support of local forces battling IS in Syria as well as Iraq, while Russian and Iranian units are backing President Bashar al-Assad’s Syria government in that country’s civil war.
“A lot of people are going to have to sit thru lectures come Monday morning,” Schneider wrote, referring to soldiers likely to be taken to task for inadvertently revealing sensitive information while trying to keep in shape.
“Bases are fixed & hard to conceal,” he wrote, so the “biggest potential threat is to tracking movement.”
The US Department of Defense said it is “reviewing” the situation.
“Recent data releases emphasize the need for situational awareness when members of the military share personal information,” Major Audricia Harris, a Pentagon spokeswoman, told AFP.
“DoD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of DoD personnel at home and abroad,” Harris said.
The Pentagon “recommends limiting public profiles on the internet, including personal social media accounts,” she said.
The issue could have been fairly easily avoided. According to Strava, “athletes with the Metro/heatmap opt-out privacy setting have all data excluded” from the mapping project.