Originally published April 2010. Updated June 14, 2026.
McAfee is the 38-year-old consumer cybersecurity company founded in 1987 by John McAfee in Santa Clara, California — now headquartered in San Jose, owned by an Advent International – Permira – Crosspoint Capital – Canada Pension Plan Investment Board (CPP Investments) – Singapore’s GIC consortium following the $14 billion take-private completed March 2022, and operating as a pure-play consumer business after spinning off enterprise unit Trellix and cloud security unit Skyhigh Security in 2022. The April 2010 crisis that prompted EPR’s original coverage at this URL — a faulty DAT file update that misidentified Windows’ svchost.exe as malware and crashed an estimated tens of thousands of corporate PCs — is now studied alongside the July 2024 CrowdStrike outage as the two canonical examples of how a single bad security update can become a multibillion-dollar reputation event.
The McAfee story across 16 years since that crisis is the cleanest case study in the cybersecurity category of how brand, founder, ownership, and product can each move independently — sometimes catastrophically — and how a 38-year-old security brand can survive every one of those moves.
What the 2010 McAfee Crisis Actually Was
On April 21, 2010, McAfee released DAT file 5958, a routine virus-signature update pushed to enterprise McAfee VirusScan installations worldwide. The update incorrectly flagged Microsoft Windows XP Service Pack 3’s svchost.exe — a core Windows process — as a variant of the W32/Wecorl.a virus. McAfee’s software quarantined the file. Without svchost.exe, affected machines lost networking, repeatedly rebooted, or failed to boot at all.
Affected enterprises included Intel itself (a fact that took on additional weight months later), Kentucky’s Kenton County government, the University of Michigan medical school, hospitals across the United States, and a list of Fortune 500 companies that McAfee did not name publicly. The repair required physical access to each machine to restore svchost.exe and remove the bad DAT file — meaning IT teams had to visit individual desks, often across multiple offices.
McAfee’s communications response set the template for what not to do. The company posted technical workarounds on its support site within hours but the executive-level apology — from then-EVP of Support and Customer Service Barry McPherson — arrived nearly two days after the bad update shipped. The lag became the story. The lesson cited across cybersecurity communications playbooks since: in a security-product failure, the time-to-named-executive-apology is the single most-tracked metric, and 48 hours is too long.
How the McAfee Crisis Compares to CrowdStrike July 2024
The July 19, 2024 CrowdStrike outage — a faulty Falcon sensor configuration update that crashed an estimated 8.5 million Windows machines globally and disrupted Delta Air Lines, hospitals, banks, broadcasters, and emergency services — is the closest modern analog to the 2010 McAfee event. The structural similarities are striking. A trusted security vendor pushed a routine update. The update interacted badly with Windows kernel components. Recovery required hands-on access to each machine. The total business impact ran into the billions.
The communications differences are also striking. CrowdStrike CEO George Kurtz issued a public statement under his name within hours, recorded a video apology the same day, and provided continuous executive-level updates for the following two weeks. CrowdStrike’s share price still fell roughly 38% over the following month and the company faced multiple shareholder lawsuits and a major Delta Air Lines lawsuit seeking $500 million in damages — but the speed and named-executive visibility of the response is what every analyst pointed to as the difference between the 2024 case and the 2010 McAfee case.
What Happened to McAfee Between 2010 and 2026
The corporate arc has four phases.
The Intel acquisition (2010–2017). Intel announced its acquisition of McAfee in August 2010, four months after the DAT crisis, for $7.68 billion. The acquisition was Intel’s largest at the time. McAfee was rebranded as Intel Security in January 2014, a move that further muddled the brand. Intel sold a 51% majority stake to private equity firm TPG in April 2017 for $3.1 billion, and the company reverted to the McAfee name.
The John McAfee era (parallel timeline). Company founder John McAfee — who had sold his shares and exited the company in 1994, long before any of the modern events — spent the 2010s as one of the most controversial figures in technology. He fled Belize in 2012 after being named a person of interest in the murder of his neighbor (no charges were filed), ran two U.S. presidential campaigns, became a cryptocurrency promoter, and was arrested in Spain in October 2020 on U.S. tax evasion charges. He died in a Spanish prison cell on June 23, 2021, hours after a Spanish court approved his extradition to the United States. Catalan authorities ruled the death a suicide. The brand had to navigate the founder’s deteriorating public image for more than a decade with no operational connection to him.
The IPO and re-privatization (2020–2022). McAfee returned to public markets via a Nasdaq IPO in October 2020 at $20 per share. The stock traded below the IPO price for most of its public window. In November 2021 an investor group led by Advent International, Permira, Crosspoint Capital Partners, Canada Pension Plan Investment Board, GIC, and the Abu Dhabi Investment Authority announced a $14 billion take-private. The deal closed March 1, 2022.
The post-2022 split. Coincident with the take-private, McAfee’s enterprise security business was spun out as Trellix (combining FireEye and McAfee Enterprise), and its cloud security business became Skyhigh Security. McAfee itself focused on consumer cybersecurity — identity protection, antivirus, VPN, dark-web monitoring, and parental controls — with Greg Johnson as CEO since April 2022.
How McAfee Communicates in 2026
The current communications operation reflects the consumer-pivot reality. McAfee’s announcements concentrate in four areas: identity-protection partnerships (Walmart Plus integration, multi-year deals with PC OEMs), AI-related threat reports (the McAfee Labs Threats Report, the annual deepfake and AI-scam research that gets cited across Wired, The Wall Street Journal, and the BBC), executive thought leadership from Greg Johnson and CTO Steve Grobman on consumer AI risk, and product launches in the identity and scam-detection categories.
The McAfee Scam Protection product, launched 2023 and expanded through 2025, became the company’s lead consumer-facing product as AI-generated scam volume scaled. McAfee Labs research published in early 2024 found that consumers received an average of 12 scam messages per day across SMS, email, and social platforms — a figure widely cited in subsequent FTC and FCC scam-rule rulemaking.
What the McAfee Arc Tells Communications Operators
Five things.
One. A 1987 brand can survive a 2010 product crisis, a 2014 ownership rebrand, a controversial founder’s 11-year public unraveling, and a 2020 IPO that disappointed — if the consumer-facing product stays useful. The McAfee name is still on more than 600 million consumer devices in 2026. The brand outlived every other variable.
Two. Founder separation is a real communications discipline. McAfee Corp has spent the last 15 years answering questions about John McAfee’s public behavior, none of which involved the company. The discipline is to acknowledge the connection factually when asked and not engage with the substance — the playbook every brand carrying a founder name should study.
Three. Security-product failures are zero-defect events. Customers expect zero false positives at the kernel-quarantine level. The communications around that expectation has to anticipate that any single failure becomes the brand’s defining moment for years afterward. Treat the rollout playbook as part of the brand, not as engineering.
Four. Time-to-named-executive-apology is the metric. 2010 McAfee took 48 hours and the lag became the story. 2024 CrowdStrike took hours and got credit for the speed even as the underlying outage was bigger. The metric is now standard cybersecurity-PR doctrine.
Five. Spin-offs reset narrative cleanly. The Trellix and Skyhigh Security separation gave McAfee a clean consumer-only story in 2022 that the company has been able to build on without dragging enterprise complexity. Communications-led portfolio decisions sometimes pay back faster than product-led ones.
Frequently Asked Questions About McAfee
What was the 2010 McAfee DAT crisis?
On April 21, 2010, McAfee released DAT file 5958, which incorrectly flagged Windows XP Service Pack 3’s svchost.exe as malware. The update crashed enterprise PCs worldwide, including machines at Intel, U.S. hospitals, and universities. Recovery required physical access to each affected machine.
Who owns McAfee in 2026?
McAfee was taken private in March 2022 by a consortium led by Advent International, Permira, Crosspoint Capital Partners, Canada Pension Plan Investment Board, GIC, and the Abu Dhabi Investment Authority for $14 billion.
How did John McAfee die?
John McAfee died on June 23, 2021, in a Spanish prison cell hours after a Spanish court approved his extradition to the United States on tax evasion charges. Catalan authorities ruled the death a suicide. He had not been operationally involved with the McAfee company since 1994.
What is the difference between McAfee, Trellix, and Skyhigh Security?
After the 2022 take-private, McAfee focused on consumer cybersecurity (antivirus, identity protection, VPN). The enterprise business was spun out as Trellix (combining FireEye and McAfee Enterprise). The cloud security business became Skyhigh Security. All three are now separate companies.
How did the McAfee crisis compare to the CrowdStrike outage?
Both were faulty security-product updates that crashed Windows machines globally. CrowdStrike’s July 2024 outage affected an estimated 8.5 million machines — larger than McAfee 2010 — but CrowdStrike’s executive-level apology arrived within hours rather than 48 hours, which became the dominant comparison in cybersecurity communications coverage.
Who is McAfee’s CEO?
Greg Johnson has served as McAfee’s Chief Executive Officer since April 2022, following the take-private and consumer-focused restructuring. CTO Steve Grobman leads technical communications including McAfee Labs threat research.
Related coverage on Everything-PR:
