Lenovo settled with States with $ 3.5 Million and US Government’s Federal Trade Commission (FTC) for over “The Superfish Scandal”.
 Lenovo deliberately supplied laptops with preinstalled “Visual Discovery Malware” developed by a company named Superfish during September 2014 to January 2015. Visual Discovery is known to insert ads in your regular websites with HTTPS. 
Lenovo puts Crapware in Laptops : Got fined for 3.5 Million USD
source Lenovo
This was not the only security flaw but also undoing of what web encryption stands for. Court declared that is technical “Man in the Middle Attack” as the person using laptop does not consents or knows of software. The deliberated notion stands Lenovo and Superfish of breaking the user trust. 
Not only the user’s privacy was at stake their financial and security was also threatened, as this malware was able to access confidential data on browsers such as passwords, SSN etc. Login Credentials and SSNs were sent to Superfish’s server along with IP of the user that posed a great financial and security risk for the Users.
In their decisions the FTC said

As part of the settlement with the FTC, Lenovo is prohibited from misrepresenting any features of software preloaded on laptops that will inject advertising into consumers’ Internet browsing sessions or transmit sensitive consumer information to third parties. The company must also get consumers’ affirmative consent before pre-installing this type of software. In addition, the company is required for 20 years to implement a comprehensive software security program for most consumer software preloaded on its laptops. The security program will also be subject to third-party audits.NOTE: The Commission issues an administrative complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $40,654.

For their miscreants, Lenovo stands to pay 3.5 million USD in fines to states, but no monetary fine was posed by FTC due to their first offences.

Software like Superfish is known as Crapware and is found in many Mobile and Laptops. They are preinstalled for a small fee from the software company. Such Softwares are mostly useless and are used for marketing purposes only. The Visual Discovery goes ahead and inserts ads in secure pages which were not sought by Lenovo as well. To this time The Lenovo maintains that they do not know a case where a user’s privacy was violated.



Load More Related Articles
Load More By Sushant Bhargav
Load More In Tech News

Check Also

Toshiba America Foundation to invest $95,000 for 25 Classroom STEM Projects

Toshiba America Foundation’s STEM grant The US program for education STEM (Science, Techno…