Strava Strikes Again: French Sailor's Morning Jog Accidentally Pinpointed a Nuclear Aircraft Carrier

If you ever needed proof that operational security and fitness apps mix about as well as oil and water, allow a French sailor known only as "Arthur" to provide the definitive case study.

On 13 March 2026, Arthur strapped on his Garmin Forerunner 955, laced up his trainers, and went for a jog. Nothing unusual there, except his running track was the flight deck of the Charles de Gaulle, France's sole nuclear-powered aircraft carrier, which happened to be on a sensitive military deployment in the eastern Mediterranean at the time. And because his Strava profile was set to public (the app's default setting, in case you were wondering), anyone with an internet connection could see exactly where France's most prized naval asset was positioned.

Magnifique.

The Run That Launched a Thousand Headlines

The numbers are almost comically precise. Arthur ran 7.23 kilometres in approximately 35 minutes, maintaining a pace of 4:58 per kilometre. His route, a series of back-and-forth laps across the 262-metre flight deck, traced a pattern roughly 300 metres wide. It does not take a seasoned intelligence analyst to look at that GPS trace and think, "That looks an awful lot like someone jogging on a very large ship."

Le Monde journalists Sebastien Bourdon and Antoine Schirer, who broke the story as part of their ongoing #StravaLeaks investigation series, did exactly that. They cross-referenced the Strava data with satellite imagery and confirmed the outline of the carrier. The ship was positioned northwest of Cyprus, approximately 100 kilometres from the Turkish coast. It is worth noting that while some outlets described the ship as being "near Iran," the reality is that it was in the eastern Mediterranean. It had been redeployed towards the Middle East in response to tensions with Iran, but it was not directly adjacent to Iranian waters.

Why This Matters More Than You Might Think

The Charles de Gaulle is not just any warship. It is France's only aircraft carrier and the only nuclear-powered carrier ever constructed outside of the United States. When President Macron ordered its strike group to redeploy on 3 March 2026, pulling it out of NATO exercises in the Baltic Sea that were originally scheduled to run until May, it was a significant strategic move. The carrier passed through the Strait of Gibraltar on 6 March, heading towards the eastern Mediterranean amid escalating tensions.

For context, one French soldier had already been killed and six wounded in Iranian strikes on French bases in Iraq. This was not a pleasure cruise. The task force accompanying the Charles de Gaulle included at least three French frigates, a supply ship, and allied vessels from Italy (the Federico Martinengo), Spain (the Cristobal Colon), and the Netherlands (HNLMS Evertsen).

And then Arthur went for a jog and told the whole world where they all were.

A Pattern of Remarkably Preventable Blunders

Here is the truly baffling part: this is not even close to being the first time this has happened. In fact, it is the third major French military Strava leak in barely 18 months.

• October 2024: Le Monde's same investigation team exposed how Strava data could be used to track the movements of security details protecting President Macron, President Biden, and even President Putin.
• January 2025: Crew members aboard French nuclear submarines managed to leak patrol schedules and data through the very same app, as reported by Euronews.
• March 2026: Arthur and the Charles de Gaulle. You are here.

You would have thought someone in the French military hierarchy might have taken note after the first incident. Or certainly the second. Apparently not.

Going further back, the 2018 Strava Global Heatmap fiasco revealed the locations and layouts of military bases in Syria, Afghanistan, and Djibouti. The US Department of Defense responded by banning fitness trackers in operational areas entirely. France, however, has not implemented an equivalent ban. One has to wonder what it will actually take.

The Digital Breadcrumb Trail

What makes this incident particularly damning is that Arthur's Strava profile did not just reveal a single location. His activity history effectively mapped the entire deployment route. Previous uploads showed him running off Cherbourg in February, then Copenhagen in late February as the carrier participated in Baltic exercises, and then the eastern Mediterranean by mid-March. Anyone following his public profile could have tracked the Charles de Gaulle's movements in near real-time across several weeks.

Le Monde's investigative method was almost embarrassingly simple. The reporters logged fake runs in sensitive locations, then used Strava's social features to see who else had been running in those same areas. The app essentially served as a ready-made open-source intelligence tool, no hacking required.

It is also worth noting that the open-source intelligence site Itamilradar had independently published radar data showing the carrier's position, and French reconnaissance drones had been spotted on radar flying south of Cyprus. So the operational security picture was already looking a bit threadbare before Arthur's morning cardio sealed the deal.

The Official Response

The French Armed Forces General Staff told Le Monde that the post "does not comply with current regulations" and that "appropriate measures will be taken by the command." Which is military speak for "someone is getting a rather stern talking-to."

One imagines Arthur's commanding officer had some choice words. Whether those words included "have you considered running on a treadmill" remains unconfirmed.

The Bigger Picture

This story is funny, in a darkly absurd sort of way, but it highlights a genuinely serious issue that extends well beyond the military. Fitness apps, social media platforms, and location-sharing services collect and broadcast staggering amounts of personal data, often with default settings that prioritise social engagement over privacy.

Strava profiles default to public. Most users never change this. And while the consequences for the average weekend parkrunner are minimal, for anyone in a sensitive role, whether military, government, or otherwise, the implications can be severe.

If a single sailor's morning jog can compromise the position of a nuclear aircraft carrier and its entire multinational task force, it is worth asking what your own fitness app is quietly broadcasting about your movements.

The Verdict

The French military clearly has a Strava problem, and at this point it is becoming something of a running joke (pun very much intended). Three major leaks in 18 months, each more embarrassing than the last, and still no blanket ban on fitness trackers during operations. The technology is not going away. Garmin watches, Strava uploads, and GPS-enabled everything are part of modern life. But when you are operating a multi-billion-pound nuclear aircraft carrier in a geopolitically sensitive region, perhaps the default privacy settings on your running app deserve a second look.

Or, and this is just a thought, maybe leave the smartwatch in your bunk.

Read the original article at The Independent.