May 17, 2020

Health startup Collective Health raises another $100mn

healthcare services
Health Insurance
Catherine Sturman
3 min
Startup funding (Getty Images)
The US healthcare market is witnessing a number complex challenges, particularly surrounding healthcare insurance. The recent collaboration between JP M...

The US healthcare market is witnessing a number complex challenges, particularly surrounding healthcare insurance. The recent collaboration between JP Morgan, Berkshire Hathaway and Amazon, highlights such complexities, where the trio will work to develop key digital tools to support employees and deliver tech-focused solutions within the healthcare space.

Apple has also recently decided to launch its own health clinics for employees, and are currently hiring for specialist roles in the sector.  

Healthcare startup Collective Health are taking advantage of this growing trend, and utilise predictive analytics to deliver tailored, bespoke healthcare programmes for employees.

Its recent $100mn funding will enable the business to further scale its operations, with financial support from investors Founders Fund, Maverick Ventures, NEA Alphabet’s investment arm GV, amongst others, bringing the total raised to $230mn.

“The way we access, pay for, and improve healthcare in the US is undergoing a fundamental shift—one driven by employers. Employers not only pay for the vast majority of private healthcare in America, they are also running healthcare plans that pioneer the most innovative approaches to delivering care, creating a massive market opportunity for a new generation of healthcare companies,” explained Ali Diab, CEO and co-founder of Collective Health.

 “However, employers’ ability to drive positive change in healthcare is being hampered by antiquated technology that keeps all pertinent healthcare and financial information locked in disparate, legacy systems. The Collective Health Platform eliminates this fragmentation, removing inefficiencies, lowering costs, and improving the experience for American employers and workers.”

New investors, Mubadala Ventures and Sun Life Financial have also been bought on board, which will support the business in enhancing its data analytics and further enhance its workforce health management system. The company will also aim to replace outdated communication tools such as fax machines, something which the healthcare industry is reluctant to overhaul.

Over 120,000 members and 30 enterprise clients utilise Collective Health, and supports renowned companies such as SpaceX and eBay, Techcrunch has reported.

See also

The company’s partnership with Sun Life Financial, will see Collective Health take the employee benefits experience to the next level for self-funded employers and their employees in the US.

“American employers, through the benefits they provide, drive the biggest portion of the healthcare system, and are demanding more sophisticated tools to improve the performance of their plans and the health of their employees,” explained Dan Fishbein, President of Sun Life Financial US.

“We share a deep client focus with Collective Health, and are thrilled to work more closely with their team to innovate and deliver smarter, more flexible products. Together, we will transform the benefits experience for self-funded employers and their employees.”

In the US, Sun Life Financial is one of the largest group benefits providers, serving more than 60,000 employers in small, medium and large workplaces across the country.

The partnership will enable Collective Health to integrate Sun Life's stop-loss offering into its Collective Health Platform to protect self-funded employers from the cost of high-dollar claims, while creating a seamless purchase, claim and reimbursement experience.

Additionally, the company has recently partnered with Uber Health, which will see its Collective Health Platform support users in booking Uber rides through the car hailing companies health transportation initiative.

“Our goal has always been to make healthcare more accessible, helping people get the right treatment at the right time. This is especially critical for people who are navigating more complex health issues,” commented Dr Rajaie Batniji, co-founder and Chief Health Officer of Collective Health.

“We’re constantly experimenting with how we can improve health outcomes, and I’m excited to see how seamless access to transportation services via Uber Health can further optimise care.

Share article

Jun 17, 2021

Peloton vulnerable to cyber attacks, McAfee research finds

2 min
​​​​​​​Software security experts McAfee discovered exercise bikes by Peloton are vulnerable to cyber attacks, which the company have since resolved 

Peloton, the popular exercise bikes, were found to be vulnerable to cyber attacks in the latest research from McAfee. 

Peloton is a brand of electric bikes that combines high end exercise equipment with cutting-edge technology. Its products use wi fi to connect to a large tablet that interfaces with the components of the exercise device, and provides an easy way for physical activity enthusiasts to attend virtual workout classes over the internet several times a week.

Peloton has garnered attention recently around the privacy and security of its products. So McAfee decided to take a look for themselves and purchased a Peloton Bike+.

The problem

Researchers looked at the Android devices and uncovered a vulnerability  that could allow an attacker with either physical access to the Bike+ or access during any point in the supply chain to gain to hack into the bike’s tablet, including the camera, microphone and personal data. 

For the person using it there would be no indication the Bike+ has been tampered with, potentially putting Peloton’s 16.7 million users at risk.  

The flaw was found in the Android Verified Boot (AVB) process. McAfee researchers were able to bypass the Android Verified Boot process, which normally verifies all code and data before booting. They were then able to get the device to boot bypassing this step. 

This could potentially lead to the Android OS being compromised by an attacker who is physically present. Even worse, the attacker could boot up the Peloton with a modified credential to gain privileges, granting them access to the bike remotely. 

As the attacker never has to unlock the device to boot it up, there would be no trace of their access on the device. This type of attack could also happen at any point from construction to warehouse to delivery, by installing a backdoor into the Android tablet without the user ever knowing. 

The solution

Given the simplicity and criticality of the flaw, McAfee informed Peloton while auditing was ongoing. The vendor was sent full details,  and shortly after, Peloton confirmed the issue and released a fix for it. 

Further conversations between McAfee and  Peloton confirmed that this vulnerability had also been present on the Peloton Tread exercise equipment. 

Peloton’s Head of Global Information Security Adrian Stone, commented on the research: “This vulnerability reported by McAfee would require direct, physical access to a Peloton Bike+ or Tread. Like with any connected device in the home, if an attacker is able to gain physical access to it, additional physical controls and safeguards become increasingly important.

"To keep our members safe, we acted quickly and in coordination with McAfee. We pushed a mandatory update in early June and every device with the update installed is protected from this issue.”

Share article