+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Peloton fixes bug that reportedly exposed users' data and account information

May 6, 2021, 00:02 IST
Business Insider
Scott Heins/Getty Images
  • Peleton workout equipment previously had a bug that allowed users to access private account information.
  • The information included the user's gender, weight, birthday, age, workout statistics, and more.
  • Peleton confirmed to TechCrunch on Wednesday that the bug has been fixed.
Advertisement

Peloton has confirmed it fixed a bug that exposed users' private account data, according to TechCrunch.

The bug was first discovered by Jan Masters, a security researcher at Pen Test Partners, TechCrunch reported.

Masters found the breach by learning he could make unauthenticated requests to access someone's data through Peloton's programming interface. The bug exposed users' age, location, workout statistics, and weight.

The researcher told TechCrunch that he reported the flaw on January 20, but the issue was only confirmed to be fixed after Peloton was contacted by TechCrunch.

The security flaws discovered in Peleton's equipment demonstrate the reasons that cybersecurity experts were wary of reports that President Joe Biden might bring his Peleton bike to the White House: the additional cameras, sensors, and microphones present in the device pose potential national security risks if hacked into and personal data is leaked.

Advertisement

The "Security and Compliance" page of Peleton's website notes that despite company efforts, security vulnerabilities may still exist in Peleton's products.

"No matter how much effort we put into system security, there can still be vulnerabilities present," the company website says.

News of the data bug came just before Peloton recalled its Tread+ running machine Wednesday amid reports that a child died and others were injured while it was operating. The recall sent Peleton's stock into a nosedive, falling more than 13% as of Wednesday afternoon.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article