Cybercrime , Endpoint Security , Fraud Management & Cybercrime

Garmin Confirms Hackers Encrypted Several Systems

But Navigation and Smartwatch Company Stops Short of Saying 'Ransomware'
Garmin Confirms Hackers Encrypted Several Systems
Garmin posted an apology to its customers following multiple outages (Source: Garmin's Facebook page)

Garmin broke its silence Monday, acknowledging that a hack attack that encrypted several of its systems last week led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. As of Monday, several of the affected services were again operating (see: Garmin Tight-Lipped About Cause of Outage).

See Also: The Healthcare CISO’s Guide to Medical IoT Security

"Garmin Ltd. today announced it was the victim of [an online attack] that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted, including website functions, customer support, customer-facing applications and company communications," the company says in a Monday statement.

While the company did not use the specific term, the incident apparently involved a ransomware attack.

Garmin reiterated that it doesn’t believe hackers exfiltrated any data from its network.

"We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen," the company says, adding that consumer fitness data compiled on its products and apps was not lost and will be tracked.

The company did not immediately reply to an Information Security Media Group inquiry for further details.

Garmin says it expects all affected systems to be restored over the next few days. The company does not anticipate "any material impact to our operations or financial results because of this outage." It's scheduled to release its second-quarter earnings report on Wednesday.

At the height of the attack on Thursday, Garmin's primary website was offline along with its call center, the Garmin Connect fitness tracking service and some of its aviation navigation products, according to a company FAQ. As of Monday, the homepage and customer service center were functioning, along with Garmin Pilot Apps, flyGarmin, Connext Services and FltPlan.com. Garmin Connect, however, apparently was still not functional.

WastedLocker Ransomware Involved?

Published reports last week pointed to Garmin being victimized by Evil Corp's WastedLocker ransomware, based on social media posts reportedly made by Garmin employees who had knowledge of the attack.

WastedLocker is a relatively new ransomware strain that has been attributed to Evil Corp, a cybercrime group better known for its use of the Dridex banking Trojan (see: Evil Corp's 'WastedLocker' Campaign Demands Big Ransoms).


About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.