RALEIGH - Attorney General Josh Stein says the state is settling with Lenovo to resolve allegations that the company broke state consumer protection laws by pre-installing software on their laptops sold to North Carolina customers' personal information vulnerable to hackers.
“North Carolinians must be able to trust that the laptops they purchase are not leaving them more vulnerable to hackers,” said Attorney General Stein. “I will do everything in my power to keep people safe online. I am glad to see Lenovo taking action to prevent this from happening again.”
The total settlement amount is $3.5 million. North Carolina will receive $101,046. Part of the settlement requires Lenovo to change consumer disclosures about pre-installed advertising software to require a consumer's affirmative consent to using the software on their device and to provide a reasonable and effective means for consumers to opt-out, disable or remove the software.
Lenovo is also required to implement and maintain a software security compliance program and must obtain initial and biennial assessments for the next 20 years from a qualified, independent, third-party professional that certifies the effectiveness and compliance with the security compliance program.