Chinese computer manufacturer Lenovo has been victim to a website hack, just days after the company was forced to apologize over using the controversial Superfish software on some of its products.
According to The Verge, Lenovo’s website was hacked around 4PM ET. Visitors to the site would then see a “slideshow of disaffected youths, set to the song ‘Breaking Free’ from High School Musical.” The hijack was short-lived, however, and the site was fully back to normal by 5:30. The BBC reports that hacking group Lizard Squad claimed responsibility on Wednesday via their Twitter account.
According to Reuters, Lizard squad also published an email exchange from Lenovo employees discussing Superfish. They were able to do this due to the nature of the attack, which was said to be a breach of the domain name system associated with Lenovo, allowing the hackers to intercept internal company emails. Despite this, Reuters adds that “consumer data was not likely compromised.”
In a public statement, Lenovo apologized for the site’s inaccessibility, saying, “We regret any inconvenience that our users may have if they are not able to access parts of our site at this time. We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information.”
It has been a difficult few days for the company, with the Superfish furore still fresh in the memory. The software was intended to suggest advertisements, but could break web encryption between customers and websites, potentially exposing sensitive data.
ESET senior security researcher Stephen Cobb has written a piece to help ascertain whether your Lenovo laptop has the Superfish software installed, after some webpages designed to detect the software were found to be generating false positives.
Gil C / Shutterstock.com