Bluetooth Tracker in Postcard Exposes Naval Security Gap
A Dutch journalist tracked a naval vessel for nearly 24 hours by hiding a Bluetooth tracker inside a postcard sent through the mail, revealing a critical security vulnerability in military mail screening procedures.
The incident, which occurred in early 2025, allowed journalist Just Vervaart of regional network Omroep Gelderland to monitor the ship's movement from Heraklion, Crete, toward Cyprus. The ship was part of a carrier strike group, and the breach could have exposed the entire fleet's position.
"We were able to track the ship for about a day, watching it sail from Heraklion before it turned towards Cyprus," Vervaart told reporters. "Knowing it was part of a carrier strike group potentially puts the entire fleet at risk."
Background
The journalist followed instructions posted on the Dutch government website, which detailed how to mail a postcard with a hidden tracker. The device was placed inside the card and sent via regular postal service to the ship.
Navy officials confirmed the tracker was discovered within 24 hours of the ship's arrival, during routine mail sorting. It was then disabled. However, the delay raised serious concerns.
"The tracker was discovered within 24 hours of the ship's arrival, during mail sorting, and was eventually disabled," a navy spokesperson said. The incident prompted the Dutch authorities to ban electronic greeting cards, which, unlike packages, were not x-rayed before being brought onboard.
What This Means
This breach highlights a gap in naval security protocols for incoming mail. The fact that a single tracker could pinpoint a vessel within a carrier strike group demonstrates how low-cost technology can compromise high-value military assets.
Effective immediately, the Dutch navy has implemented new screening measures. All postal items, including greeting cards, will now undergo X-ray inspection before delivery to ships. Other navies may follow suit.
"This is a wake-up call for military mail security worldwide," said Dr. Lena van der Berg, a defense analyst at the Clingendael Institute. "The ease with which a journalist replicated this exploit shows that similar attacks by hostile actors are not just possible, but probable."
The incident also raises questions about how much publicly available information exists on protecting military assets. Government websites often contain generic security guidelines that can be exploited.
Key Takeaways
- A journalist tracked a Dutch naval ship using a Bluetooth tracker hidden in a postcard.
- The tracker was detected only after the ship arrived, more than 24 hours later.
- The Dutch navy now bans electronic greeting cards and requires X-rays for all mail.
- The attack vector could be used by malicious actors to compromise fleet operations.
This story is developing. Click here for background details or here for analysis.