May 17, 2020

IMImobile acquires Healthcare Communications

NHS
Technology
NHS
Technology
Catherine Sturman
2 min
IMImobile
Global cloud communications software and solutions provider IMImobile has announced its decision to acquire patient communication services provider Heal...

Global cloud communications software and solutions provider IMImobile has announced its decision to acquire patient communication services provider Healthcare Communications. The decision will see IMImobile further develop essential digital tools to support and engage with patients.

With rising healthcare costs, the National Health Service is looking at implementing new, innovative technologies to further support the delivery of exceptional patient care.

Healthcare Communications is responsible for the implementation and pioneering of SMS text appointment reminder services in the UK, and has strong partnerships with 140 NHS organisations, delivering more than 100mn secure patient communications a year via SMS, IVM, telephone and email. This is in addition to postal and portal communications channels. More than 4,000 staff use the company’s messaging services daily.

Whilst UK Health Secretary Jeremy Hunt has revealed that the number of missed appointments remains high, costing the UK over £700mn per annum, the implementation of SMS technology has seen the number of DNA’s fall by up to 25% in some areas. The acquisition will therefore support the UK’s ambitions to deliver cost savings across the UK healthcare industry.

“We are delighted with the acquisition of Healthcare Communications. This will allow us to extend our cloud communications technology and solutions to support the public services and healthcare sector,” commented Jay Patel, Chief Executive Officer at IMImobile.

Related stories

“The use of data and digital communication technology has the power to transform patient communication and support whilst driving greater operational efficiencies. We look forward to working with the Healthcare Communication team to take advantage of the close synergies bringing new services to the UK healthcare market.”

Headquartered in London, with offices in Hyderabad, Atlanta, Dubai and Johannesburg, IMImobile has over 1,000 employees worldwide, where its smart, digital customer engagement solutions are also implemented via Vodafone, Telefonica, France Telecom, Centrica, government agencies and several major financial institutions.

“We are very excited to become a part of the IMImobile Group, who are a well-established global leader of customer engagement communication solutions to leading enterprises worldwide,” added Mike Cunningham, Managing Director at Healthcare Communications.

“It will significantly accelerate our ability to invest in our products and services to support NHS England with its digital transformation agenda.”

Share article

Jun 17, 2021

Peloton vulnerable to cyber attacks, McAfee research finds

cyberattack
fitness
Cybersecurity
verification
2 min
​​​​​​​Software security experts McAfee discovered exercise bikes by Peloton are vulnerable to cyber attacks, which the company have since resolved 

Peloton, the popular exercise bikes, were found to be vulnerable to cyber attacks in the latest research from McAfee. 

Peloton is a brand of electric bikes that combines high end exercise equipment with cutting-edge technology. Its products use wi fi to connect to a large tablet that interfaces with the components of the exercise device, and provides an easy way for physical activity enthusiasts to attend virtual workout classes over the internet several times a week.

Peloton has garnered attention recently around the privacy and security of its products. So McAfee decided to take a look for themselves and purchased a Peloton Bike+.

The problem

Researchers looked at the Android devices and uncovered a vulnerability  that could allow an attacker with either physical access to the Bike+ or access during any point in the supply chain to gain to hack into the bike’s tablet, including the camera, microphone and personal data. 

For the person using it there would be no indication the Bike+ has been tampered with, potentially putting Peloton’s 16.7 million users at risk.  

The flaw was found in the Android Verified Boot (AVB) process. McAfee researchers were able to bypass the Android Verified Boot process, which normally verifies all code and data before booting. They were then able to get the device to boot bypassing this step. 

This could potentially lead to the Android OS being compromised by an attacker who is physically present. Even worse, the attacker could boot up the Peloton with a modified credential to gain privileges, granting them access to the bike remotely. 

As the attacker never has to unlock the device to boot it up, there would be no trace of their access on the device. This type of attack could also happen at any point from construction to warehouse to delivery, by installing a backdoor into the Android tablet without the user ever knowing. 

The solution

Given the simplicity and criticality of the flaw, McAfee informed Peloton while auditing was ongoing. The vendor was sent full details,  and shortly after, Peloton confirmed the issue and released a fix for it. 

Further conversations between McAfee and  Peloton confirmed that this vulnerability had also been present on the Peloton Tread exercise equipment. 

Peloton’s Head of Global Information Security Adrian Stone, commented on the research: “This vulnerability reported by McAfee would require direct, physical access to a Peloton Bike+ or Tread. Like with any connected device in the home, if an attacker is able to gain physical access to it, additional physical controls and safeguards become increasingly important.

"To keep our members safe, we acted quickly and in coordination with McAfee. We pushed a mandatory update in early June and every device with the update installed is protected from this issue.”

Share article