(AP) — A technology company will pay $3.5 million and change how it sells laptop computers as part of a settlement reached with federal officials and 32 states.

The agreement with Lenovo announced Tuesday settles allegations that the North Carolina-based firm sold devices with preloaded software that made users’ sensitive personal information vulnerable to hackers.

The VisualDiscovery software was installed on hundreds of thousands of laptops to deliver pop-up ads to consumers.

Lenovo stopped shipping laptops with VisualDiscovery preinstalled in February 2015, but some states contend that some laptops with the software were still being sold by various retail outlets as late as June 2015.

Under the settlement, Lenovo will now obtain consumers’ consent to use the software and provide a reasonable way for consumers to opt out, disable or remove it.

“Lenovo compromised consumers’ privacy when it preloaded software that could access consumers’ sensitive information without adequate notice or consent to its use,” acting Federal Trade Commission Chair Maureen Ohlhausen said. “This conduct is even more serious because the software compromised online security protections that consumers rely on.”

The states involved in the settlement are Arizona, Arkansas, California, Colorado, Connecticut, Florida, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Louisiana, Maine, Minnesota, Missouri, Nebraska, Nevada, New Hampshire, New Jersey, New York, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Vermont and Washington.