French Aircraft Carrier Location Leaked via Fitness App Strava

French Aircraft Carrier Location Leaked via Fitness App Strava

March 20, 2026 David Kessler - News Editor News

The near-exact location of the French nuclear-powered aircraft carrier Charles de Gaulle (R91) was inadvertently exposed online after a French Navy officer logged a morning run on the ship using the sports tracking application Strava. The incident, which occurred on March 13th although the vessel was navigating the eastern Mediterranean west of Cyprus, was revealed by the French newspaper Le Monde, which geolocated the ship using the data published by the servicemember.

As detailed by the French publication, the young officer, identified only as Arthur, began running on the ship’s deck at 10:35 AM. For 35 minutes, the sailor covered a circular route of over seven kilometers. All of this was automatically saved to his public Strava profile via his smartwatch. “Anyone can see the information,” warned Le Monde.

“One lap and start again,” the newspaper described the officer’s activity, running in circles on the deck amidst the waves. The publication of the route allowed journalists to determine that the carrier strike group was at that time northwest of Cyprus, approximately one hundred kilometers from the Turkish coast. The security breach exposed not only the location of the Charles de Gaulle, but also that of its escort from the French National Navy.

The leak, dubbed “StravaLeaks” by some media outlets, occurs in a context of high tension in the region stemming from the war between Israel/US and Iran. The ship carries 20 Rafale fighter jets and two Hawkeye radar aircraft, according to Agence France-Presse, increasing the strategic value of the information inadvertently revealed by the officer.

The Risks of Fitness Tracking Applications

The case of the Charles de Gaulle is not an isolated incident in the realm of military security. Le Monde emphasized that these types of oversights with geolocation applications are repeated despite repeated warnings and previous revelations by the newspaper itself about covert or sensitive operations.

“Arthur has a profile on the Strava app, and it is ‘public’,” explained the French newspaper, emphasizing how easily any user of the platform could access the sailor’s training data. The application, designed to record activities such as running or cycling using GPS, thus becomes a source of open-source intelligence.

The location of the Charles de Gaulle takes on special relevance amid growing tensions over control of the Strait of Hormuz, a key passage through which around 20% of the world’s oil supply transits. Former President Trump had issued a public call to several nations, including France, to send warships to the area and ensure the maritime route remained “open and secure.”

“Hopefully, China, France, Japan, South Korea, the United Kingdom, and others that are affected by this artificial constriction will send ships to the area,” Donald Trump wrote on his Truth Social platform, referring to threats of closure from the new Iranian supreme leader, Mojatba Jameneí. The US president insisted that the effort should be joint and that the United States would help with coordination.

How a Running App Exposed a Nuclear Carrier

Strava, launched in 2009, quickly became popular among athletes for its social networking features and detailed activity tracking. Users record their workouts using GPS-enabled devices – smartwatches, phones, or dedicated fitness trackers – and the data is uploaded to the Strava platform. The application’s core functionality relies on accurately mapping routes and calculating performance metrics like pace, distance, and elevation gain. Crucially, users can control the privacy settings of their activities, choosing to develop them visible to the public, only to followers, or completely private.

In this instance, the officer’s profile was set to “public,” meaning anyone with an internet connection could view his activity. Le Monde journalists were able to correlate the timing and location of the run with satellite imagery, confirming the presence of the Charles de Gaulle and its accompanying fleet. This highlights a fundamental risk: the combination of readily available technology, publicly shared data, and a lack of awareness regarding operational security (OPSEC).

A Pattern of Security Lapses

This isn’t the first time Strava has been implicated in revealing sensitive military information. In October 2024, Le Monde published “StravaLeaks,” revealing that security details for sensitive figures like Emmanuel Macron and Vladimir Putin were publishing their workouts on Strava. Many users were able to track the movements and locate the vacation spots of the French and Russian heads of state. This demonstrates a recurring pattern of individuals associated with security or defense organizations inadvertently disclosing sensitive information through the apply of fitness tracking applications. The French Armed Forces General Staff confirmed that the activity violated digital security rules, stating it was “not in compliance with current instructions” and that “appropriate measures will be taken by the command.”

The Charles de Gaulle and the Middle East Deployment

The Charles de Gaulle, France’s only nuclear-powered aircraft carrier, was deployed to the eastern Mediterranean on March 3rd, just days after the start of strikes between the US and Israel against Iran. The carrier’s presence is intended to demonstrate French support for regional stability and deter further escalation. The deployment itself was publicly announced by President Emmanuel Macron, but the precise location of the vessel was not intended for public disclosure. The carrier is accompanied by at least three frigates and a replenishment tanker, forming a significant naval task force.

The incident raises questions about the effectiveness of current security protocols and the level of awareness among personnel regarding the risks associated with using geolocation applications. While the carrier’s presence in the region was already known, the ability to track its movements in near real-time provides a potential advantage to adversaries. The French Navy’s flagship is the only nuclear-powered aircraft carrier in operation outside the United States military.

What Happens Next?

The French Armed Forces General Staff has stated that “appropriate measures” will be taken in response to the security breach. These measures are likely to include a review of existing digital security protocols and a renewed emphasis on OPSEC training for personnel. It remains unclear whether the officer involved will face disciplinary action. The incident is also likely to prompt a broader discussion within the French military and other defense organizations about the risks associated with the use of personal devices and social media platforms in operational environments. Further investigation may reveal whether this was an isolated incident or part of a wider pattern of security lapses.

Reader FAQ

  • What is Strava? Strava is a social fitness network that uses GPS to track athletic activities like running and cycling.
  • How was the carrier’s location revealed? A French naval officer publicly shared data from a run he took on the ship’s deck using Strava.
  • Why is this a security risk? Knowing the precise location of a military asset like an aircraft carrier can provide valuable intelligence to potential adversaries.
  • Has this happened before? Yes, Le Monde previously reported similar incidents involving security details for political leaders.
, , , , , , , , , , , , , , , , , , , , , , , , , , ,