French Sailor Reveals Location of Aircraft Carrier via Strava

A French sailor has exposed the Charles de Gaulle aircraft carrier’s location in near real time by publicly sharing a fitness activity via Strava.

Key Takeaways

• A Strava activity revealed the real-time location of a French aircraft carrier
• Public fitness data can expose precise GPS coordinates and movement patterns
• Similar incidents have exposed military personnel and government officials before
• Metadata, not hacking, is often the root cause of such leaks.
• Adjusting privacy settings significantly reduces risk

What is the Strava leak and why does it matter?

According to a Le Monde report, a young naval officer named Arthur shared a running activity on Strava while deployed at sea. While it might not seem like much, because the account was public, the app also shared the GPS coordinates online. Investigators successfully used this information to identify the exact position of the Charles de Gaulle aircraft in the Mediterranean.

The route the runner took shows as loops in open water, which clearly indicates the general direction of a ship. By comparing this data with satellite images, journalists confirmed the vessel’s location shortly after the activity was uploaded.

Image credit: Le Monde

How did a fitness app reveal a military location?

Fitness apps continuously record location data during activities. When users upload workouts publicly, they unintentionally create a detailed movement log. Strava, for example, offers the option to post this activity automatically after it’s over, so that’s another element that needs to be considered if you don’t want other people to know your location.

In this case, three elements enabled the leak: the activity included precise GPS coordinates, the profile was publicly accessible, and the activity took place in a random location out in the open sea.

The journalists discovered that a user uploaded a "jogging" activity located in the open sea, near the coast of Cotentin. In fact, it was possible to determine the previous locations of the carrier by simply following the history of the sailor’s workouts.

The information was verified as true by checking satellite images of the area, which confirmed it’s the French aircraft carrier.

Back in 2018, Australian researcher Nathan Ruser revealed that a new Strava heatmap feature was revealing the movement patterns of security forces at military bases around the world.

And in 2022, the same Strava app was being used to spy upon members of the Israeli military in secret bases across the country.

Why are fitness apps a security risk?

Fitness apps are designed to track performance, but what people don’t often realize is that they also collect a lot of data, including location, time and duration, and, more importantly, repeated behavioral patterns.

For regular people, it can expose the home addresses or daily routines, although Strava does have a tool to keep these somewhat hidden.

For professionals in sensitive jobs, it can reveal operational details, movement schedules or restricted locations.

In this case, the risk became apparent because the aircraft carrier is currently operating in a conflict zone, where real-time location data could have strategic consequences.

The army general staff confirmed that sailors must follow strict digital hygiene and that “appropriate measures will be taken by the command”.

How can you prevent fitness app data leaks?

• Start by making your profile private. This single step prevents public access to your activity history.
• Disable automatic sharing of workouts with location data. Many apps allow you to restrict visibility or hide maps entirely.
• Review older activities as well. Historical data can still reveal patterns and should not remain publicly accessible.
• Finally, think about context. Recording a workout in sensitive environments is oftentimes problematic.

FAQ

Can Strava reveal your exact location?

Yes. If GPS tracking is enabled and your profile is public, Strava can display precise routes and locations.

Are fitness app leaks common?

Yes. Multiple incidents have exposed military personnel, government officials, and sensitive locations through public activity data.

Is this a hacking incident?

No. These leaks rely on publicly available data, not system breaches.

What data is most dangerous to share?

Location data combined with timestamps is the most sensitive, as it reveals movement patterns.

How do I make my fitness app safer?

Set your profile to private, disable location sharing when possible, and review past activities for exposure.