Acting on behalf of financially injured consumers, Weitz & Luxenberg P.C. last Thursday filed a class action lawsuit against computer maker Lenovo Group Ltd. and malware supplier Superfish, the major national law firm today announced.
W&L contended in the complaint that Lenovo and Superfish, among other things, knowingly and purposefully created a security hole in certain Lenovo laptop and notebook computers through which hackers could easily gain access to users’ confidential personal and financial information.
The New York City-based firm said its class action was filed in federal court for the Northern District of California. Superfish is headquartered in that district, while Lenovo’s U.S. headquarters are in Morrisville, North Carolina.
W&L explained that purchasers of these computers suffer financial harm because the devices are vulnerable to cyber attack, which renders them less valuable.
W&L is interviewing other potential representative plaintiffs, and encourages people with the offending laptops and notebooks to contact the firm at toll-free (844) 300-4357 or fill out a form.
Lenovo Still Selling With Superfish Malware
The filing was made against a backdrop of news that Lenovo has continued to sell the malware-laden laptops and notebooks in the months since the problem was discovered by consumers, said W&L.
Robin L. Greenwald, who heads the firm’s Environmental, Toxic Tort & Consumer Protection Unit, said “We are particularly troubled to learn that Lenovo has not pulled its malware-infected products from the market.”
Greenwald said Lenovo should have immediately stopped selling Superfish-equipped computers as soon as it knew of the problem.
“By continuing to sell those computers, the company shows disregard for the security of the data that purchasers are trusting will stay private and safe,” she said.
W&L expressed dismay that the “fix” Lenovo offered to consumers is ineffective at closing the security hole.
Said Greenwald, “The repair is supposed to remove the Superfish software, but reports are that it only removes some of it.”
Superfish Malware Deeply Hidden in Lenovo Computers
W&L’s class action lawsuit against Lenovo and Superfish arises from the fact that Lenovo sold laptop computers equipped with deeply embedded hidden malware called VisualDiscovery, said Greenwald.
“Superfish’s Visual Discovery product is designed to monitor everything a user does with his or her device,” she explained.
“Unfortunately, VisualDiscovery also renders the laptop or notebook highly vulnerable to hackers,” she continued.
Once hackers gain access to the Lenovo computer, they can command it to disgorge whatever confidential information the user has stored on it — names, addresses, phone numbers, birth certificates, Social Security numbers, banking records, employment data, passwords and anything else an identity thief might need to commit financial crimes, Greenwald said.
In a practice known as “spoofing,” the Superfish malware also could potentially trick the computer into trusting fraudulent websites designed to look like real ones, such as the user’s bank or favorite online shops, said Greenwald.
The malware-containing computers are Lenovo G, U, Y, Z, S, Flex, MIIX, YOGA, and E series products sold since last September, W&L said.
As W&L moves ahead with the class action lawsuit against Lenovo and Superfish, the law firm said it will continue talking to Lenovo users about their legal rights to compensation from both companies.
“Our class action against Lenovo and Superfish is intended to help consumers who have been harmed,” said Greenwald.
“Those consumers have a right to be fully compensated for the injustice done to them by these companies,” she said. “Many of them may find their quest for justice is best served by joining our class action lawsuit against Lenovo and Superfish.”