The Army's Criminal Investigation Division (CID) issued a warning last week that these devices could potentially harbor malware. The covert sender of these smartwatches might gain "access to saved data, such as banking details, contact lists, and login credentials," the CID said.
The Army's Criminal Investigation Division (CID) issued a warning last week that these devices could potentially harbor malware. The covert sender of these smartwatches might gain "access to saved data, such as banking details, contact lists, and login credentials," the CID said.
An alternative explanation might be a non-malicious but deceptive marketing tactic known as 'brushing,' where online sellers artificially boost their ratings through fraudulent orders and reviews.
The exact number of smartwatches distributed remains undisclosed by the CID, a standalone federal law enforcement body comprising thousands of personnel.
Wearable tech and app downloads have often conflicted with national security interests where maintaining secrecy is crucial. Smartwatches record personal and location data, and can also record audio, often without a reliable user verification method.
In 2018, The New York Times reported that Strava, a fitness tracking app inadvertently disclosed the locations and routines of military bases and personnel, including U.S. forces in the Middle East. Similarly, in 2020, Bellingcat found that military and intelligence personnel could be traced via Untappd, a beer-review social network.
The CID advises any military personnel who receive an unrequested smartwatch to refrain from activating it and instead, report it to a counterintelligence or security official.
TechEchelon Staff bylines are produced collectively by the newsroom for short, breaking, and wire-style coverage. Longer-form reporting is published under the responsible reporter's name.
More from the Staff →CISA has confirmed active exploitation of CVE-2026-20253, a critical Splunk Enterprise flaw that allows unauthenticated remote attackers to manipulate files, and ordered federal civilian agencies to patch by Sunday under Binding Operational Directive 26-04.
Market intelligence platform Klue has confirmed attackers stole OAuth tokens connected to customer Salesforce environments on June 12, as the newly emerged Icarus extortion group publicly claims responsibility and the list of affected organizations continues to grow.
Human Rights Watch obtained Bulgarian export licensing records showing surveillance firm Circles sold phone-interception and geolocation tools to ten governments — including the UAE, Bahrain, and Azerbaijan — between 2018 and 2023, raising fresh questions about the EU's export control enforcement.
Written for readers who already know the basics — markets, AI, and the policy decisions that shape both.