Aclassified U.S. intelligence alert, shared with allies on April 3 and seen by this outlet, warns that Chinese technology companies are systematically harvesting open-source data — including fitness tracker logs, social media geotags, and commercial satellite imagery — to expose covert U.S. military operations in the Iran conflict zone.
The alert, produced by the National Counterintelligence and Security Center (NCSC), names three Chinese firms — Shanghai-based Hesai Technology, Beijing-based MegaFon Analytics, and Shenzhen-based DeepMap — as 'high-confidence conduits' for information that has compromised at least two CIA field assets and revealed the locations of three U.S. special operations teams in Iraq since January.
The data collection method, known as 'OSINT fusion,' combines publicly available data with advanced pattern recognition. For example, fitness tracker data from U.S. personnel inadvertently left running during deployments can reveal patrol routes and base perimeters. Chinese firms then sell the analyzed data to Iranian intelligence, according to the alert.
Pentagon restricts personal devices
In response, the Department of Defense has expanded its ban on geolocation-enabled personal devices to all forward operating bases in CENTCOM's area of responsibility. Personnel found violating the ban face disciplinary action, including potential courts-martial.
The Chinese Ministry of Foreign Affairs denied the allegations, calling them 'baseless smears against innocent Chinese companies.' The companies named did not respond to requests for comment.
This is a new form of warfare. They're not hacking our systems — they're exploiting the data we leave lying around in plain sight. Every soldier needs to understand the threat.
The NCSC alert recommends that all U.S. personnel disable geolocation on personal devices, use VPNs when accessing any online account overseas, and avoid posting operational details — including vague references to 'work' — on social media.
