A bipartisan coalition of lawmakers has issued a stern demand for answers from the Pentagon following revelations that foreign adversaries have been exploiting commercially available location data to target and surveil American military personnel serving overseas.

The inquiry centers on disclosures from U.S. Central Command, which informed Congress it has received multiple threat reports concerning adversary exploitation of commercial location data to track American service members in theater. The acknowledgment has prompted serious questions about whether the Department of Defense has taken adequate steps to protect troops from this emerging counterintelligence threat.

In a letter addressed to Pentagon Chief Information Officer Kirsten Davies, lawmakers led by Senator Ron Wyden of Oregon and Representative Pat Harrigan of North Carolina expressed grave concern over what they characterize as a failure to implement basic protective measures. The letter warns that the Pentagon has not taken fundamental steps to safeguard military personnel from threats posed by the collection and sale of personal information through commercial data brokers.

The issue revolves around the vast commercial data broker industry, which routinely collects and sells location information generated by smartphones, mobile applications, and advertising networks. This commercially available data, lawmakers argue, can be purchased or otherwise obtained by adversaries who may use it to identify military installations, monitor troop movements, or track individual service members.

The lawmakers’ letter reveals a troubling timeline of inaction. According to their findings, CENTCOM only implemented the capability to administratively disable location sharing on government-issued smartphones in May of this year. This delay comes despite years of known vulnerabilities and warnings from cybersecurity experts about the risks posed by location tracking technology.

Perhaps more concerning, the letter indicates that advertising identifiers remain active on government-issued devices. These unique tracking numbers, used by advertisers and data brokers to monitor devices across various applications and services, continue to function despite longstanding recommendations from federal cybersecurity agencies to disable them.

“That foreign adversaries are still able to buy location data collected from the phones of U.S. personnel serving in military hotspots is a direct result of DOD leadership’s failure to prioritize this threat and implement common sense cyber defenses recommended by federal cybersecurity experts,” the lawmakers wrote in their letter.

The bipartisan nature of this inquiry underscores the seriousness with which Congress views this vulnerability. The threat is not theoretical. With American military personnel deployed in sensitive locations around the world, the ability of hostile nations to track their movements through commercially purchased data represents a clear and present danger to force protection and operational security.

The lawmakers have urged the Pentagon to take immediate action, including disabling advertising identifiers on all government-issued smartphones and issuing guidance requiring personnel to implement similar protections on personal devices.

As this investigation unfolds, the American people deserve to know what steps their military leadership is taking to protect those who serve in harm’s way. The technology that makes modern life convenient must not become a tool that places our service members at greater risk.

Related: Alex Murdaugh Murder Conviction Sent Back to Lower Court for Retrial