Garmin hack: Connect service went down in cyber attack, company confirms as outage continues

Company stresses that users' data appears to be safe despite being locked up in ransomware attack

Andrew Griffin
Monday 27 July 2020 17:31 BST
Comments
Jack Bauer of New Zealand and Garmin-Sharp reacts after the finish as he was the last rider of the breakaway caught by the field sprint in the final meters of the fifteenth stage of the 2014 Tour de France
Jack Bauer of New Zealand and Garmin-Sharp reacts after the finish as he was the last rider of the breakaway caught by the field sprint in the final meters of the fifteenth stage of the 2014 Tour de France (Doug Pensinger/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Garmin was hit by a major cyber attack, the company has confirmed.

Its online services have been hit by an ongoing, days-long outage that left many of its products without some of their key features.

Now Garmin has confirmed that it was hit by a hack, but that users' personal data appears to be safe.

The company "was the victim of a cyber attack that encrypted some of our systems", it said, suggesting that rumours it had been hit by a ransomware attack – in which files are encrypted by hackers who free them in return for payment – were correct.

"As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications," it said. "We immediately began to assess the nature of the attack and started remediation.

"We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services."

Garmin's online services – including the Connect platform that is used by its devices for some of their central features – began to come back online on Monday morning. But the company stressed that there may still be problems over the coming days as the fallout from the hack continues.

"Affected systems are being restored and we expect to return to normal operation over the next few days," Garmin said in a statement. "We do not expect any material impact to our operations or financial results because of this outage. As our affected systems are restored, we expect some delays as the backlog of information is being processed."

Garmin had said very little during the outage, initially only confirming that its systems were down, though it released an update on Saturday evening to assure users that their data appeared to be safe. The new statement, issued on Monday evening, was the first time the company confirmed the problems had been caused by a cyber attack.

It did not confirm the nature of the hack, which rumours have indicated may been the result of the "WastedLocker" attack that has already been used on a number of other high-profile companies. It also gave no detail on how the company had recovered from the attack, such as whether any kind of ransom had been paid.

Because Garmin products rely heavily on their connection to phones and to the company's online services, many features stopped working as soon as they were knocked offline. It meant that users of its aviation products were unable to update their maps, for instance, and the fitness products could not easily upload activities or pull down new courses.

Users have been able to carry out a manual workaround to get information onto and off their products, as Garmin's online services continue to be hit by problems.

Strava data showed the full impact of that outage, with the number of activities being uploaded to the service rapidly dropping as the outage hit.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in