Lenovo's website was hacked just one week after it was revealed the company had pre-installed Superfish adware on laptops that left users with a huge security vulnerability.
Reports indicate the hack was the work of the Lizard Squad group that has been behind hacks of the PlayStation Network, Xbox Live and even the North Korean government. The hack is reportedly in retaliation to the Superfish incident from last week, after which Lenovo issued an apology and a fix for removing the Superfish adware.
The intrustion at Lenovo's website comes at a rough time for the company, as customer trust is already damaged by the Superfish incident. Lenovo has not made any comments since its website was hacked.
In the wake of the Superfish incident and now the website security incident Lenovo should begin taking some specific actions to regain consumer trust.
One good measure would be to start removing bloatware and unnecessary software from Lenovo computing devices, which is something that the company has pledged to do. The PC maker siad would immediately start removing such software, with the goal of completing this process by the time Windows 10 is released to the public later this year.
"By the time we launch our Windows 10 products, our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications," said the company in a statement.
The company will also be providing explanations for each of the third-party applications and services that are pre-installed on laptops, which is another step forward.
Another thing Lenovo should consider is conducting a security audit of its systems and products. While this would likely cost time and money, getting a third-party expert to validate device security could win some points with users.