Lenovo recently reached a settlement of $7.3 million in a class action lawsuit that was brought against them after they had pre-installed an adware called VisualDiscovery onto 750,000 computers, putting the users’ privacy at risk, according to Bloomberg Law.
The approval for the settlement was granted by the U.S. District Court for the Northern District of California on November 21st.
“The adware played a vital role in compromising online security protections installed by the users on their laptops, accessed financial data and performed man-in-the-middle attack on private and secure connections due to which attackers could gain free access to the system and spied on encrypted communications,” reported Hackread.
The developer of the adware, SuperFish, will also be contributing $1 million, making the settlement total $8.3 million. The money will be distributed back to “all persons who purchased a Lenovo computer in the United States on which VisualDiscovery was installed by Lenovo,” U.S. Judge Haywood S. Gilliam, Jr. wrote Nov. 21. That will amount to about eleven dollars, each.
The class was represented by Jessica Bennett, Richard Krause, Robert Ravencamp, and John Whittle who brought the suit forward in 2015, claiming that Lenovo had violated the Computer Fraud and Abuse Act, the federal Wiretap Act, and California and New York consumer protection laws
“While Lenovo disagrees with allegations contained in these complaints, we are pleased to bring this matter to a close after 2-1/2 years. To date, we are not aware of any actual instances of a third-party exploiting the vulnerabilities to gain access to a user’s communications,” read Lenovo’s (now deleted) official statement.
Under a separate agreement, Lenovo paid $3.5 million to state authorities. They also reached a no-fault settlement with the Federal Trade Commission and 32 state attorneys general, in which they agreed to 20 years of agency audits.