Connect with us

Latest News

Investors cheer as Lyft’s Q1 revenue didn’t fall as much as expected

Published

on

Investors gave Lyft’s value a small bump Tuesday after the American ride-hailing company reported results that weren’t quite as bad as the company, and Wall Street had expected. Shares of the Uber competitor rose as much as 4.5% in after-hours trading following the disclosure of its financial performance from the first three months of the year. As of the time of writing those gains have fallen to a smaller 2.5% gain.

Turning to its results, Lyft’s revenue fell 36% to $609 million in the first quarter of 2021 compared to the same period last year before the COVID-19 pandemic upended the economy, and, more specifically the ride-hailing industry. That disparity in revenue can be directly tied to fewer active riders using its app. The company said it had 13.49 million active riders in the first quarter, down more 36.4% from the 21.2 million riders on its network in the same period last year.

But while the company’s ride base and revenues did fall, the drops were not as extreme as the company, or its backers feared. As Lyft trumpeted at the top of its quarterly results deck, its revenue in the period was $59 million greater than the midpoint of its guidance. That’s investor speak for overshooting the mean, which apparently is an A+ in today’s market. Lyft also stuck by its previous forecast that it can achieve adjusted EBITDA profitability in the third quarter.

The company reported an adjusted EBITDA loss totaling $73 million in the first quarter, which was far better than anticipated. The company had expected a sharper $135 million adjusted EBITDA deficit for the period.

In addition to beating its own Q1 2021 goals to some degree, Lyft posted 7% percent revenue growth over what it recorded in Q4 2020, a detail that Lyft pointed to as a sign that the company was on the road to recovery. Lyft said ridership also improved some 8% from the previous quarter.

The company remains deeply unprofitable, despite its partial recovery. Lyft reported a net loss of $427.3 million in the first quarter, a 7.3% worsening from the $398.1 million net loss it recorded during the same period last year. Those losses included $180.7 million of stock-based compensation and related payroll tax expenses and $128.0 million related to changes to the liabilities for insurance required by regulatory agencies attributable to historical periods.

Despite the losses, Lyft executives said they were buoyed by stronger rider demand, which has picked up in recent months.

The company also emphasized the sale of its self-driving unit called Level 5, which was announced last week. Lyft sold the autonomous vehicle unit to Toyota’s Woven Planet Holdings subsidiary for $550 million, the latest in a string of acquisitions spurred by the cost and lengthy timelines to commercialize autonomous vehicle technology. Uber also sold its self-driving tech, work that was once seen as existential to the ride-hailing game.

Lyft’s so-called Level 5 division will be folded into Woven Planet Holdings once the transaction closes in the third quarter of 2021. Lyft will receive $550 million in cash, with $200 million paid upfront. The remaining $350 million will be made in payments over five years. About 300 people from Lyft Level 5 will be integrated into Woven Planet. The Level 5 team, which in early 2020 numbered more than 400 people in the U.S., Munich and London, will continue to operate out of its office in Palo Alto, California.

Lyft reported $2.2 billion of unrestricted cash, cash equivalents and short-term investments at the end of the first quarter of 2021.

Considering the company’s quarter in aggregate it’s easy to make the bearish and bullish case regarding its performance. On the bearish side of things, Lyft is smaller, and losing even more money than it did in the year-ago period. And the road to recovery for its operations will prove winding as COVID-19 declines to fuck off, even in the face of rising global vaccination levels.

On the bullish side of things, the following chart from the Lyft earnings deck is perhaps the best single-image argument that could be made for Lyft’s recovery being deeply underway:

Lyft Q1 2021

Image Credits: Screenshot/Lyft

More when Uber reports its own Q1 2021 performance tomorrow.

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Latest News

Palestinian Perspective: What The Conflict With Israel Looks Like From Gaza

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish