Back in 2015, Lenovo was caught out for implanting adware that cut through user security. This Aware was called Superfish and wasn’t installed by accident. Superfish is a deliberate program installed without user consent. And now Lenovo must pay for their deliberate mistakes.
A coalition of 32 state attorneys general announced a $3.5 million settlement with the PC maker. Superfish was only installed on PCs between 2014 – 2015 and inserted pop-up adverts into regular websites using software that could get past secure websites. This was ultimately compromised by hackers, which puts user’s data at risk.
“No consumer should have to worry that a software glitch will make them vulnerable to hackers,” New York Attorney General Eric Schneiderman said in a statement. “This settlement will reform Lenovo’s policies and procedures to prevent this breakdown from occurring in the future.”
Lenovo has also agreed to regular audits of its pre-installed software. Hopefully, this will highlight the importance of user security on a manufacturer level.
This article originally appeared on The Verge.