Garmin Confirms Cyber-Attack

After several days of uncertainty, Garmin this week conceded that it was the victim of a cyber-attack but said that no user data had been stolen. The firm never uses the word “ransomware,” but it’s pretty clear that that was the point of the attack.

“Garmin announced it was the victim of a cyber-attack that encrypted some of our systems on July 23, 2020,” the firm explains in a press release. “As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications. We immediately began to assess the nature of the attack and started remediation. We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.”

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Since connecting to online services is the functionality of most Garmin products, the firm’s customers are understandably upset about the downtime, which now looks to stretch up to the one-week mark: Garmin now says that it expects “to return to normal operation over the next few days.” But the issues could continue even beyond that, thanks to a backlog of information it will need to process.

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 15 comments

  • matsan

    28 July, 2020 - 12:08 pm

    <p>Lost my 325 day long +10k daily step streak… %&amp;@##! Grrr…</p>

    • tomker

      Premium Member
      28 July, 2020 - 12:16 pm

      <blockquote><em><a href="#557343">In reply to matsan:</a></em></blockquote><p>Take a deep breath. It's OK. You lost nothing. It will all upload as long as it's on your device. All my activities from my watch and my bike computer from during this down time uploaded and synced with Strava just fine this morning.</p>

      • matsan

        28 July, 2020 - 12:25 pm

        <blockquote><em><a href="#557345">In reply to TomKer:</a></em></blockquote><p>I'm not sure that's 100% true when it comes to steps. I can see my *activities* synced, but the steps for 23, 24 and 25 of July are missing.</p>

        • tomker

          Premium Member
          28 July, 2020 - 2:00 pm

          <blockquote><em><a href="#557349">In reply to matsan:</a></em></blockquote><p>That's interesting. I just looked and all my steps and other data (heart rate, floors, etc.) synced from my watch to the Garmin app during that period too. Sorry you're not seeing yours. That's quite a streak you have. An as those of us that use this service know, if it doesn't show in the app, it didn't happen! ?</p>

          • matsan

            28 July, 2020 - 2:28 pm

            <blockquote><em><a href="#557374">In reply to TomKer:</a></em></blockquote><p>I have my walks, bikerides and runs from the days as activities in the app but with 0 steps for the days. Well, well. </p>

  • retrodrone

    Premium Member
    28 July, 2020 - 1:02 pm

    <p>Any word on whether or not they paid the ransom?? Hope not. </p>

    • aljfischer

      28 July, 2020 - 2:08 pm

      <p>from another source:</p><p>"with knowledge of the Garmin incident …&nbsp;on the condition of anonymity said that the company …. did not directly make a payment to the hackers."</p><p><br></p><p>What that actually means is left as an exercise to the reader.</p>

      • manteno

        28 July, 2020 - 2:14 pm

        <blockquote><em><a href="#557377">In reply to aljfischer:</a></em></blockquote><p>Translaton: Our ransomware insurance paid out.</p>

      • jbinaz

        28 July, 2020 - 2:23 pm

        <blockquote><em><a href="#557377">In reply to aljfischer:</a></em></blockquote><p>Did not directly make payment? <span style="background-color: rgb(255, 255, 255);">WTH does that even mean?</span> Did they have a bagman drop some cash?</p>

  • cavalier_eternal

    28 July, 2020 - 3:08 pm

    <p>"<span style="color: rgb(0, 0, 0);">the functionality of Garmin products was not affected, other than the ability to access online services."</span></p><p><br></p><p>I have a couple Garmin devices and that statement is particularly amusing given how many features depend on online services. They also don't allow their smartphone app to hold data locally. So if you did something like went for a run, bike, swim or whatever you couldn't see it on the phone app because online services were down. </p><p><br></p><p>A side note, the way they handled this with their customers was just terrible. There was no communication other than a banner in the the phone app that says they were doing maintenance and to try back soon. Arguably that was just straight up dishonest. </p><p><br></p>

    • billreilly

      28 July, 2020 - 5:33 pm

      <blockquote><em><a href="#557402">In reply to cavalier_eternal:</a></em></blockquote><p>I have a Garmin cycling computer and all rides and data are stored in the unit, so when I get home I can save them directly to Strava, Komoot or any other service without using any of Garmin's websites or apps.</p>

      • cavalier_eternal

        28 July, 2020 - 10:00 pm

        <blockquote><em><a href="#557441">In reply to billreilly:</a></em></blockquote><p>Yeah you could upload to Strava, but Strava doesn't offer the detail that Garmin Connect does. Or at least not for running and swimming. <span style="background-color: rgb(255, 255, 255);">So everything for those two was stuck on the watch which also didn't show the full data. </span>For cycling I'm mostly concerned with power and cadence which Strava supports. All the devices lost the ability to send workouts to them which would have been a giant pain in the ass if I had actually been doing tri training. Coronavirus pretty much put a damper on that for the year so everything at this point is base work. Its just dumb that the App on the phone can't show you your workout info and is completely dependent on connecting back to Garmin. </p><p><br></p><p>I have a Edge 1030 that I use for bike touring because of the map support. I actually used it for a ride across Germany two summers ago. That too would have been hobbled because I wouldn't have been able to download the regional maps. Not an issue for me personally during this outage but damn that would have been infuriating to fly to another country and lose the ability to navigate. </p><p><br></p>

  • compunut

    Premium Member
    28 July, 2020 - 5:37 pm

    <p>"We have no indication that any customer data"</p><p><br></p><p>Ummm, so they are staring at a bunch of computers that have been encrypted where they probably can't see anything. Of course there is no 'indication', they are blind to it. &lt;sigh&gt;</p>

    • Paul Thurrott

      Premium Member
      29 July, 2020 - 8:13 am

      Having suffered from a ransomware attack, I understand the language. We said the same thing to our own users because that was the case for us as well. But we also advised users to just reset their passwords because … You never know, I guess. You don’t want to state something with certainty when you’re not really sure.

  • RonV42

    Premium Member
    29 July, 2020 - 7:30 am

    <p>I have no data, sleep , steps, workouts, etc. Nothing is feeding to my work health data that they use for providing discounts on health insurance. Yes the IoT world we are living in is showing how fragile it really is.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC