Lenovo has come under fire as it was revealed that software preloaded on its computers could give hackers easy access to secure browser data.
This means that third parties are more likely to get their grubby hands on a user’s passwords, bank details and other sensitive data.
The adware, Superfish, which Lenovo announced in January was built in as standard on its consumer PCs, acts as a ‘man-in-the-middle’, accessing data for advertising purposes, reports the Verge.
It does this by building itself an unrestricted root certificate authority, and installing a proxy that bypasses requests for a secure connection.
SSL certificates used by banks, retailers and other large websites to prove they are legitimate, offer Superfish to push through ads and reading data from pages that should be secure.
Lenovo previously removed the software from its devices, but then claimed that it didn’t monitor user behaviour, or record user data.
The company also ensured its users that they could disable Superfish, however, not long after it was discovered that this did not in fact remove the root certificate.
Lenovo told the Verge that it is looking into the vulnerability.