A seemingly innocuous ‘fitness app’ has inadvertently led to a sensitive information leak at a highly secure French Navy base. Located on the island of Longue, near the port city of Brest in Brittany, this base serves as the primary location for the French naval nuclear deterrent. With nearly 2,000 employees, strict security measures are in place, including air, sea, and land surveillance, as well as multiple security checks for personnel. However, an investigative report by ‘Le Monde’ has revealed that the activities of the “black ships” – four nuclear-powered ballistic missile submarines – have been compromised.
A Surprising Source of the Leak
The leak can be attributed to the use of the fitness app, Strava, by some of the base’s employees. This app allows users to track their physical activity and view public profiles of other users, including their routes. The issue arose because many users did not employ pseudonyms, making it easy to identify them by name and location. A military officer, for instance, recorded a 45-minute patrol along the docks where at least one of the submarines was docked, using a smartwatch to log the activity.
French Navy Acknowledges Negligence
According to the data collected by Le Monde, over 450 users have been active on the island of Longue in the past decade, leaving a digital trail in the Strava database. When questioned about the leaks, the French Navy acknowledged that negligence on the part of its staff had indeed occurred. Although it emphasized that these incidents do not constitute failures that could impact the base’s activities, the breach still raises concerns about the sensitivity of information shared by personnel.
Broader Implications
The French Navy base is not the only high-profile location that has been compromised by the use of Strava. Le Monde’s investigation also revealed that the movements and locations of the presidents of France, the United States, and Russia could be identified and anticipated due to the use of the app by their security teams. This highlights the potential risks associated with the use of social media and fitness tracking apps, especially in sensitive environments.