Peloton, the popular fitness application best known for its virtual cycling classes and exercise bikes, exposed thousands of users’ personal data via a set of improperly secured API endpoints. The company deployed a partial fix after security researchers forwarded the information to media partners.