News

Report: Garmin ransomed $10 million in cyberattack

Garmin system outage a result of attack by 'WastedLocker' ransomware, claim reports.

If your weekend rides aren’t uploading from your Garmin device – you’re not the only one.

GPS technology giant Garmin has been battling an outage since Thursday, with reports suggesting the Kansas-headquartered company has been asked to pay a $10 million ransom to free its systems from a cyberattack.

BleepingComputer.com and ZD.net report that Garmin shut down many of its operations Thursday as a result of a “WastedLocker” ransomware attack on its systems. The hack has crippled company I.T., with sources claiming that Garmin has shut down all databases and employee computers to prevent further spread of the ransomware.

“We are currently experiencing an outage that affects Garmin.com and Garmin Connect,” reads a notification on the Garmin website. “This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

Reports indicate that Garmin employees shared details of the attack, which is said to attach encrypted ransom notes to company files, telling the recipient to email a provided address to “get a price for your data.” In this case, the attackers are demanding a $10 million ransom, with the hack thought to originate in Taiwan.

Garmin has closed its production lines – also in Taiwan – as it scrambles to resolve the issue and manage an unprecedented spike in reported issues accessing the Garmin Connect training app.

With Garmin’s operations shut down, cyclists, runners and fitness enthusiasts worldwide are unable to log their sessions onto the Connect app, which then syncs with associated platforms such as Training Peaks and Strava, the latter of which has seen a dramatic drop in uploads as a result. With Garmin also providing services to the aviation industry, pilots are unable to download flight plans and access navigational systems via the flyGarmin database.

The outage has also impacted Garmin’s customer service facilities, leaving disgruntled customers without assistance. The company has remained largely silent through the crisis, though new information was published on its website Saturday.

“Although Garmin Connect is not accessible during the outage, activity and health and wellness data collected from Garmin devices during the outage is stored on the device and will appear in Garmin Connect once the user syncs their device,” reads a new FAQ section.

“Garmin has no indication that this outage has affected your data, including activity, payment or other personal information,” it continues.