The application fitness Polar Flow, which measures the activity of exercise performed by the user, is used to locate the direction of soldiers, secret agents, and even military bases.
The research conducted by Bellingcat and Of Correspondant, said that years ago the company allowed other people could know and have the information of multiple users with respect to the functions performed on a daily basis, though these have their profiles on private.
This event is added to the case of Strava, in the same way I leave it to the discovered sensitive data and significant locations that had the people.
With this background, the app Polar Flow instead of improve on the privacy provided to its users, worsened since this time the tool of exercises revealed the data due to a failure in the function of Explorer, which allowed to know the location of those users who have not changed the privacy settings, because they could enter their profiles without the need of a password.
The report of the media, explained that this was in fact done in a simple way, since only crossed the public data base of Polar Flow data with other data to locate exactly the name, the address and routes for the exercise of more than 6400 people of up to 69 different nationalities, and with this action also so knew of its location abroad.
In this way there were no barriers that made it impossible to know the route that the people did day in and day out, the most worrying thing was that among these people there were users who work on military bases, intelligence services, or that they were like secret agents in areas of conflict, so security was totally compromised.
Within the others affected, were also the NSA, the Secret Services of the USA. UU. and the MI6.
To root of this problem, Polar Flow suspended its activities at the global level to avoid that they continue obtaining new data; this is left as a moral that all people that have applications where you share data, you must configure the privacy of the latter to prevent leakage to third parties.