New Problems For Peloton As McAfee Slams Their ‘Cult’ Bikes
Peloton whose spin doctors, were earlier this week flogging the brands expensive cult training bikes to the Australian market has been singled out with leading software Company McFee claiming their bikes are vulnerable to malware attacks.
Recently the Company appointed Karen Lawson as their local CEO, to spruik the top end bikes that cost up to $3,600 and to operate them you need to fork out an additional $59 a month subscription fee to track your performance.
Described by one observer as a product for “Wankers who like to flaunt it” McAfee claims said hackers could easily spy on Peloton bikers by tricking them into installing “malicious apps disguised as Netflix and Spotify,” according to research the company released last night.
Also at risk is the bikes web cams.
McAfee claims a hacker, could enter a gym, and insert a tiny USB key into the bikes that would give a criminal remote access to the rider’s personal information.
“An unsuspecting gym-goer taking the Peloton Bike+ for a spin could be in danger of having their personal data compromised and their workout unknowingly watched,” according to the report.
Hackers could install these USBs anywhere in the supply chain, from construction to delivery, which would put consumers who own the pricey bikes and use them in their homes at risk as well, McAfee says.
Last month Peloton announced a recall of both its treadmill machines over safety concerns following an investigation of the Companies products by the U.S. Consumer Product Safety Commission.
The Consumer Product Safety Commission issued an “urgent” warning to parents to stop using the Tread+ because of the risk to young children. As part of its warning the CPSC provided a horrific video showing a toddler being sucked under the machine.
The Company is not releasing the treadmill in Australia.
In a statement, Peloton apologized for not acting more quickly to resolve the issue after reports of one death and dozens of injuries.
According to the New York Post Peloton’s own security and compliance page warns that “no matter how much effort we put into system security, there can still be vulnerabilities present.”
The McAfee Advanced Threat Research group said it alerted Peloton to the problem several months ago.
“McAfee reported a vulnerability to us that required direct, physical access to a Peloton Bike+ or Tread to exploit the issue,” Peloton said in a statement.
The security concerns have surfaced following a massive product recall over safety last month after 70 customers reported injuries from using the treadmills and a child died.
Peloton’s local chief executive Karen Lawson said the company is chasing a broader target market than just the ultra-wealthy.
In an effort to lure consumers into their top end bikes in Australia the US Company is offering the app at $16.99 a month.
Peloton will launch officially in Australia on July 14 selling its bikes online and through retail showrooms in Sydney and Melbourne.
However, the company will not broadcast classes from Australia and won’t sell its treadmills locally after it was hit by a recall of 125,000 of the machines in the US, following reports linking the treadmills to the death of a three-year-old child.