How a Fitness App Became an Intelligence Weapon Against Sweden
A fitness tracking app inadvertently leaked classified security information, exposing the private addresses and movement patterns of Sweden's top leadership.
Twitter
An unintentional leak of classified security information has rocked Sweden’s protective services, after it was revealed that bodyguards assigned to the royal family and top political figures had inadvertently exposed sensitive data through the popular fitness tracking app Strava.
A year-long investigation, published this week, reveals that more than 1,400 training sessions uploaded by seven different security officers disclosed not only exercise routes—but also the private addresses and movement patterns of Sweden’s top leadership, including Prime Minister Ulf Kristersson and the royal family.
Among the data exposed:
Sweden’s Security Service (SÄPO) confirmed that the data correlates with employees of its protective division and has launched a full internal investigation. A SÄPO spokesperson said:
“This is a case of data that could be used to map our operational activities. The agency is now taking all necessary steps to ensure such procedural lapses do not occur again.”
Neither the Prime Minister’s Office nor the Royal Court commented on the security breach.
The Swedish case is just the latest in a troubling pattern involving Strava, a fitness app that has drawn increasing scrutiny from intelligence and military communities worldwide. Back in 2018, the Pentagon banned its use in combat zones after analysts showed how global heatmaps of running routes had inadvertently revealed U.S. troop positions in Syria and Afghanistan.
In 2023, a Russian submarine commander was assassinated while jogging—after publicly logging his runs on Strava. That same year, Le Monde reported that the app’s data could be used to track French nuclear submarines, Israeli military movements, and even global heads of state, including Vladimir Putin.
Digital Footprints, Real-World Threats
The Swedish breach follows heightened national security concerns after a suspected sabotage incident targeted an undersea communications cable. Authorities now fear that the digital exposure of sensitive locations could pose as grave a threat as physical attacks.
The incident also highlights a broader vulnerability in modern security: human error amplified by ubiquitous technology. Even with strict protocols in place, the integration of personal devices and apps into the lives of high-level protectees and their teams creates blind spots that can be exploited.
Sweden’s defense and intelligence communities now face a familiar question in the digital age: When every footstep is tracked, who’s really watching—and what do they see?