- According to a joint investigation by De Correspondent and Bellingcat, the fitness app from Polar had vulnerabilities exposing their users' location data.
- This included the location details of soldiers and secret agents.
- Since then, Polar has suspended its "explore" card and stated that there is no data breach, as the data comes from public and non-personal profiles.
- However, the investigation claims that she was able to obtain information from both private and private profiles.
A joint study by De Correspondent and Bellingcat has revealed that the Finnish company Polar's fitness app Polar Flow has revealed the geolocalization details of its users.
Polar produces fitness tracking watches and hardware, all of which connect with its Polar Flow app. According to the research, the app's Activity Tracking Card (Explore) revealed the home addresses of thousands of users, including soldiers and secret agents. This is partly because people often turn their fitness trackers on or off when they are close to home and unknowingly reveal their location.
The study focused on two hundred sensitive sites and found 6,460 people from 69 nationalities using site scraping techniques. The two organizations found areas like a military base, selected an exercise that had been published there, and then simply looked at where the same user profile had been.
The investigation identified the names and addresses of employees from various intelligence agencies, including NSA, US Secret Services and MI6. Even sensitive employees often used their real names and made them easily identifiable.
Polar released a statement last Friday that it had blocked his "Explore" card. "It's important to understand that Polar did not leak data and did not violate private data," said Polar.
"Currently, the vast majority of Polar customers maintain the default settings for private profiles and private sessions and are not affected by the case in any way," it said.
However, the investigation claims that despite the fact that many users made their profiles private, user details could be found due to "oversights in the Polar app".
The investigation draws parallels with the Strava fitness app, which uncovered sensitive locations around the world in January this year.
VIEW NOW: Tech Insider Videos