If you’re worried about privacy breaches on your mobile devices you should be. Hackers and snoops are everywhere looking to find as much information about you as possible for many reasons. And none of them are good.
There are tons of issues that can stem from using certain apps on your devices, like your personal data being shared or sold. Some apps, like a popular free VPN, have even exposed to selling out its users. Tap or click here to find out why free VPNs are bad news.
Now, a popular fitness app has been found to have potential privacy issues, and the repercussions could be significant for those who have downloaded it. If you’re using this app, you need to make some changes to your settings — stat. If you don’t, you run the risk of having your personal information exposed to strangers who are nearby.
Fitness app is breaching your privacy
Are you a runner or cycler who uses Strava, the popular fitness app that bills itself as the “social network for athletes.” Strava’s popularity has exploded in recent years, in part because it allows iPhones and Androids to be turned into sophisticated running and cycling computers.
RELATED: This site shows if you’re a victim in data breaches
This app can be used to track your performance stats, deep dive into your data and heart rate. It can also be used as a social media network — and that’s where the trouble comes in.
Some athletes use Strava to record an activity they’ve completed and then post it on their app’s feed. Friends can comment on the post, share their own workouts, give kudos or leave comments. Sounds pretty status quo, right?
Not really. The issue with Strava’s social media component is that it can expose your information to nearby strangers, leaving users vulnerable to the kinds of problems that come with others getting a glimpse into your private data.
This is precisely what happened to Andrew Seward, Head of Data Product Development at Experian. Seward tweeted about the problem:
(1/2) Out running this morning on a new route and a lady runs past me.— Andrew Seward (@MrAndrew) September 14, 2020
Despite only passing, when I get home @Strava automatically tags her in my run. If I click on her face it shows her full name, picture and a map of her running route (which effectively shows where she lives) pic.twitter.com/flnHpSvA79
Seward confirmed that neither party knew each other and did not follow each other in the app, but they were tagged on each other’s runs nonetheless. This is an obvious issue for Strava users given privacy issues that could come.
Related: Delete these 17 malicious apps from your phone now
The problem stems from the information-sharing feature in the app. The privacy settings for “Flyby” in the app are set to default to “everyone,” which includes nearby strangers — which is what happened with Seward.
If you aren’t familiar with the term Flyby, it’s the Strava feature that lets you look over your recorded activity. During this playback process, you can also see others nearby on the map and timeline.
What that means is Strava is sharing your activity with anyone who’s nearby and using the app. This exposes your information to countless strangers out for a jog or a bike ride.
What’s more troubling is it appears this information sharing is not limited to those who have access to the Strava platform. It is also available to anyone else on the internet.
Change this critical setting ASAP
The potential problems that could stem from this sharing mode are serious. Many people on social media have voiced concerns that the app could be abused by stalkers or those with predatory motives to find victims as they jog or cycle.
This isn’t the first time Strava has caught flack for security problems. In 2018, Strava published heatmaps that were generated from 13 trillion GPS coordinates aggregated by jogger data. By doing that, Strava inadvertently published locations of military bases around the world (including the U.S.) alongside it.
If you want to keep using Strava, you need to protect yourself by changing your settings to make sure this doesn’t happen to you.
Here’s what you need to do:
- Login to Strava.com.
- Click on the drop-down arrow next to your profile picture.
- Click on Settings > Privacy Controls.
- Toggle down to Flyby and click the drop-down arrow.
- You’ll see two options: Everyone and No One.
- Select No One and press OK.
- This keeps your Flyby settings from sharing your information with nearby Strava users.
Whenever websites or apps put your privacy or data at risk it’s best to change its settings to take back control. If there isn’t an option to increase security you’re better off finding a more secure app or website. Tap or click here to increase privacy on your phone and keep snoops out.