Report Says Hackers Can Spy on You When You're on Your Peloton Bike, Treadmill Peloton assured users that the issue was "already fixed" via a software update.

By Emily Rella

entrepreneur daily
Peloton | Facebook

The benefit of working out from the comfort of your own home is being able to sweat it out without anyone having to see you, which is especially key when putting yourself in a vulnerable state.

The fitness industry at large had to double down on at-home options and equipment amid the pandemic due to safety precautions and restrictions.

Peloton (PTON) was one of the big winners in a year that was tough for so many fitness companies, hitting its first $1 billion sales quarter in Q4 of 2020, seeing a revenue increase of 128% year-over-year at $1.06 billion.

But the recent discovery of a potential security issue that would allow hackers to spy on riders through their bike microphones and cameras could threaten to take away the privacy that loyal riders — and paying customers — value so dearly.

"The issue reported to us by McAfee requires that an attacker be able to connect directly to one of the USB ports on the tablet on the Bike+ or the Tread," Adrian Stone, VP and head of global information security at Peloton, said in a statement on Wednesday. "They would then be able to modify the software on the device, and could then install malware or access data that is communicated between the device and our services."

Peloton assured users that the issue was "already fixed" via a software update that all device owners will be required to install.

McAfee kept the issue "confidential" until Peloton was able to internally fix it, a partnership in communication that Peloton called an "essential collaboration."

McAfee also released its own report on the potential hacker loophole.

"The team discovered that the Bike's system was not verifying that the device's bootloader was unlocked before attempting to boot a custom image," the technological security behemoth said in a statement. "This means that the bike allowed researchers to load a file that wasn't meant for the Peloton hardware — a command that should normally be denied on a locked device such as this one."

Both companies explained that hackers could access Peloton's internal system only if they had direct contact with and access to the bike via use of the USB ports located on the Bike+ and the Tread.

"At Peloton, we're always talking about our community and our Members," Peloton said. "Keeping in touch with the external security community is one of the ways Peloton invests in the security of our products."

The fitness giant came under fire earlier this spring when it recalled over 125,000 of its treadmills after more than 70 people reported injuries and one child died from injuries related to the machine.

Peloton released a new feature called "tread lock," which locks the treadmills after 45 seconds of inactivity as a result.

The company went public at $29 per share in September 2019, giving it an $8.1 billion valuation at the time.

Peloton shares are unsurprisingly up nearly 118% year-over-year.

Emily Rella

Entrepreneur Staff

Senior News Writer

Emily Rella is a Senior News Writer at Entrepreneur.com. Previously, she was an editor at Verizon Media. Her coverage spans features, business, lifestyle, tech, entertainment, and lifestyle. She is a 2015 graduate of Boston College and a Ridgefield, CT native. Find her on Twitter at @EmilyKRella.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics

Business Solutions

Stay Organized with This Task Management Tool, on Sale for $30

A Study Planr Pro subscription is just $30 for life.

Business Ideas

55 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Here Are 3 Strategies Startup Founders Can Use to Approach High-Impact Disputes

The $7 billion "buy now, pay later" startup Klarna recently faced a public board spat. Here are three strategies to approach conflict within a business.

Data & Recovery

Get 2TB of Cloud Storage with PhotoSphere for Just $280 for a Limited Time

Easily store and access photos, videos, and other files spread across your work devices.