In Brief: Peloton equipment API flaw may have exposed data of millions

The same week that Peloton announced a voluntary recall of two treadmills, independent research firm, Pen Test Partners say they notified the company in January of flaws in its API that could allow unauthenticated individuals to view sensitive information, even for users who chose private mode account settings. The security firm says that the company’s initial fix did not fully solve the problem and Peleton has not fully reported how many people may have been impacted.

More News

Previous Article

Google Play to add “safety” sections for mobile apps

May 11, 2021

Google has indicated it will introduce a “safety” section to its Google Play marketplace. Beginning next year, app developers will be required to share information on the data they collect, and how it’s stored and used. Google’s plans differ from Apple in that the focus is on whether the data is being handled responsibly, not gathering consent to what is collected and tracked. Google will also allow independent verification of the app data labels, which may add to user trust.

CDPI Privacy Newsletter
Featured Article

Salesforce Offers Free Data Cloud to Sales and Service Cloud Customers

February 21, 2024

Salesforce is offering a free version of its CDP-esq Data Cloud to Sales and Service Cloud customers, with the apparent goal of increasing use of Marketing Cloud.  The Data Cloud offers Marketing Cloud users a unified view of data in Salesforce clouds and other systems via no-copy access to cloud databases and Mulesoft connectors.  The company also unveiled a small business edition of Marketing Cloud.

CDPI Newsletter