Subscribe to our newsletter and stay informed

Check out our list of top companies

Check out our carefully compiled lists of the most relevant and impactful companies within their fields.

Check out our list of top unicorns

Read and learn about the biggest companies that various countries have produced, how they made it, and what the future looks like for them.
June 15, 2023

Strava's Heatmap May Expose Home Addresses

Strava's Location Data: A Breach of Privacy?

Strava, the popular fitness app with over 100 million users, continues to face privacy concerns surrounding its location data. Recent research reveals alarming possibilities of doxxing users through Strava's publicly available heatmap feature, despite previous incidents in 2018. This article delves into the potential risks and calls for necessary actions to protect user privacy.

Privacy concerns with Strava's location data collection resurfaced when the app's heatmaps unintentionally exposed secret army bases in 2018. While Strava anonymizes data, a research paper by North Carolina State University's Department of Computer Science suggests that de-anonymization is possible, with up to 37.5% accuracy. This means Strava users' locations, frequently used routes, and even their identities could be revealed. Shockingly, both public and private profiles are susceptible to this doxxing risk.

The researchers utilized Strava's publicly available heatmap data as a source to identify the start and end locations of activities, potentially disclosing the user's residence. By combining this information with data from OpenStreetMaps and public records like voter registrations, an attacker could easily obtain the user's name and home address. Furthermore, this process can be automated, amplifying the scale of such an attack.

Despite the 2018 incident, Strava has not taken significant action to address these privacy concerns. Governments have prohibited the use of fitness apps at military installations, but Strava has not implemented substantial changes. However, researchers from North Carolina suggest potential solutions, including expanding hidden zones to the heatmap and creating exclusion areas that safeguard user privacy.

Strava's persistence in addressing user privacy issues related to location data raises concerns. The study reveals the danger of exposing Strava users' identity and emphasizes the urgency to safeguard personal information. With health data entrusted to fitness apps, privacy must be a top priority for companies like Strava to ensure user safety and data protection.

Neil Hodgson-Coyle
Neil Hodgson-Coyle
Editorial chief at TechNews180
Back to top

Related articles

chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram