Lenovo Accepts $3.5M Fine to Settle With FTC

Lenovo Ordered to Pay $3.5M Fine for Superfish Software

The FTC and Lenovo have reached a settlement of $3.5 million, as a direct result of the company allowing potentially malicious software to be installed on new PCs without the user’s knowledge.  From 2014 to 2015, as many as 750,000 new Lenovo computers came with VisualDiscovery pre-installed.  The software was a legitimate product created by the California-based software company, Superfish.  VisualDiscovery created pop-up ads when users hovered over similar objects on websites.  The FTC confirmed the software collected data on website traffic.  However, they also believed all of the user’s personal information that was transmitted online was also compromised.  This could include the user’s date of birth, social security number, banking information, login credentials, etc.

Lenovo disagrees with the FTC’s claims.  Although, they said they were pleased the issue is resolved.  The $3.5 million fine will be distributed to the 32 states that were a part of the lawsuit.

Beyond paying the fine, different conditions were put into place regarding Lenovo’s business practices.  USA Today reports,

“As part of the settlement, Lenovo must now get consumers’ permission before pre-installing any software that injects advertising into consumers’ Internet browsing sessions or that transmits sensitive information from their systems to third parties. Lenovo must also implement a comprehensive software security program to test all software the comes preloaded onto its laptops, and that security program will be subject to third-party audits.”

What to users should do now…

If you purchased a Lenovo PC in 2014 or 2015, VisualDiscovery has likely already been removed.  Most security solutions have disabled the software from executing.  However, if you have PC Matic, you were never at risk because VisualDiscovery was never a whitelisted program.  Therefore, even if you had a PC with the software installed, it could not run to collect any user data.  If are uncertain if your security program has removed the software, you may reach out to their support team for further inquiries.

(Visited 7,750 times, 9 visits today)

12 thoughts on “Lenovo Accepts $3.5M Fine to Settle With FTC

  1. I have a Lenova idea 300. I have found after many personal builds and other mass produced PC’s that this is the best I have ever had. I added Total AV and ashampoo winoptimizer and this little pc runs like a champ. Between what already is offered and add ons and support from Lenova thislittle baby hums along with nary a problem. Sure it’s lacking in video as well as no real way to ad a sound card or video card it does everything I ask of it and does it with speed and accuracy. I have Logitech 5.1 speakers and a 24 inch lcd screen. I couldn’t ask for more. I highly recommend the linova idea 300 for quality and price. Not a monster machine but covers all the bases well.

  2. I own a Lenovo ThinkPad X220 Tablet laptop. I purchased it used and refurbished, with its operating system upgraded from Windows 7 to Windows 10 (64-bit version), so I don’t know if it was among the Lenovo PCs affected by this. However, every time I’m on my Web browser (Chromium-based Comodo Dragon), it goes haywire whenever I’m typing something, and it’s driving me up the wall. I haven’t figure out the cause of the problem, but in the wake of this item, I have my suspicions.

  3. I wrote an appropriate response to this situation.It had to be reviewed efore posting.
    Well it didn’t make the cut and now I wonder what PCMatics agenda is .I switched to PCMatic recently and they must be covering for some of their unoficial “partners”.

  4. I bought a Lenovo about 5 years ago and had no problems
    Ijust installed a Cannon printer and got sidetracked to a company called Slimware.They told me that my Lenovo hadn’t been updated in years, and would install new drivers. The rest was a scam but luckily no harm so far .
    I blame Cannon,Lenovo,Slimware and myself for taking 2 hours to realise they were all sleaze dogs.Will do what I can to warn people.

  5. 3.5 Million is not much of a fine for a company with the assets of Lenovo. They made a lot more on the advertising than that. The fine should penalize which would mean it would be equal to the profits from the illegal action and then some more so there would actually be a penalty.

  6. My family and I were within a day of purchasing 3 Lenovo computers when a long time friend heard of our impending purchase and took time off from lunch to visit me and tell me of his horror story with the popups. He felt his security was compromised at the time, but could not prove it. He was able to return his Lenovo and like us all purchased a Dell. $3.5 million does not pay for all the wasted and frustrated time with these Lenovo computers

    For this reason, and many more..it is peace of mind to have PC Matic on our computers and easy to delete one and add another which the inevitable failure of a computer happens.

  7. Well this happened to me, and I paid HUNDREDS of dollars to various computer places trying to get the computer to run without 17 or 18 popups occurring all at once. The place I bought the Lenovo insisted I had “gotten malware” although it happened from the first moment I turned the new computer on. I resent that I have to eat the time and money wasted. It’s great they paid a fine – they should be paying ME.

    • @Sue: Yes they should, but this won´t happen. Banks screwed everybody in multiple scams after the global financial crisis. Once a few of them got caught, billions in fines were paid in several occasions, but did you see any on your account?

  8. How long will it be before Malwarebytes.org gets slapped with a fine for recklessly disabling or uninstalling software such as IOBIT Advanced System Care when they are installed on the same system. Just asking

Leave a Reply

Your email address will not be published. Required fields are marked *