In Brief: Peloton equipment API flaw may have exposed data of millions

The same week that Peloton announced a voluntary recall of two treadmills, independent research firm, Pen Test Partners say they notified the company in January of flaws in its API that could allow unauthenticated individuals to view sensitive information, even for users who chose private mode account settings. The security firm says that the company’s initial fix did not fully solve the problem and Peleton has not fully reported how many people may have been impacted.