Garmin is the latest company to have every one of its online assets taken down by ransomware (Garmin Connect, Garmin Dive, Garmin Golf, Garmin Coach, flyGarmin, vivofit jr., ConnectIQ, Live Track, Strava, Workouts, Third Party Sync). In this case, the culprit was WastedLocker, which is good because WastedLocker hasn’t yet evolved to add the ability to steal data; it can only encrypt it. This means a smart well executed backup strategy can recover the data.
Here’s a brief excerpt on the topic from a TechCrunch article:
Garmin has said little about the incident so far. A banner on its website reads: “We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.” In a brief update on Saturday, Garmin said it had “no indication that this outage has affected your data, including activity, payment or other personal information.”
The two sources, who spoke on the condition of anonymity as they are not authorized to speak to the press, told TechCrunch that Garmin was trying to bring its network back online after the ransomware attack. One of the sources confirmed that the WastedLocker ransomware was to blame for the outage.
One other news outlet appeared to confirm that the outage was caused by WastedLocker.
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group