GarminPocalypse: Oh, it’s a hack – BBC confirms, Garmin issues 2nd Statement
Hey, guess what? It was a hack. Or, as Garmin say in their statement today,
“OLATHE, Kan.–(BUSINESS WIRE)–Garmin Ltd. (NASDAQ: GRMN), today announced it was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications. We immediately began to assess the nature of the attack and started remediation. We have no indication that any customer data, including payment information from Garmin Pay™, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.
“Affected systems are being restored and we expect to return to normal operation over the next few days. We do not expect any material impact to our operations or financial results because of this outage. As our affected systems are restored, we expect some delays as the backlog of information is being processed. We are grateful for our customers’ patience and understanding during this incident and look forward to continuing to provide the exceptional customer service and support that has been our hallmark and tradition.”
Source: Garmin
Perhaps the BBC forced Garmin’s hand in an article today which, whilst it re-hashed, just about everything we’ve heard so far, it also added comments from an unnamed source of theirs (now removed) and yes the BBC do change the content in their posts (Source: waybackmachine).
Source: bbc
Drama over, let’s get back to training. Let’s hope that data makes it’s way back too.
The Story as it unfolded
- Ransomware rumoured as major outage becomes clear
- Vaguely interesting stat show complete lack of data from Garmin Connect going to STRAVA
- TrainingPeaks sensibly recommends a password change in certain circumstances
- Possible evidence of the hack and ransom demand (only one source)
- Garmin speaks out
- Partial re-start underway (this post)
- What data is lost?
You might also like
- Must Read: STRYD Review
- Must Read: Garmin Edge 1030 Plus Review
- Must Read: Best Triathlon Watch
- Must Read: Best Running Watch
- Must Read: Apple Watch 6 PRO speculation for September
Reader-Powered Content
This content is not sponsored. It’s mostly me behind the labour of love which is this site and I appreciate everyone who follows, subscribes or Buys Me A Coffee ❤️ Alternatively please buy the reviewed product from my partners. Thank you! FTC: Affiliate Disclosure: Links pay commission. As an Amazon Associate, I earn from qualifying purchases.
945 v3?
my third one !
nothing to get excited about.
in reality there may be lots of sub production version that none of us ever hear about eg the 2nd such version would have had the buttons silently fixed etc etc with subtle hardware changes
This morning GarminConnect and GarminExpress are again not functional. I still can’t reinstall my FR945 settings and CIQ app. I thought it was OK from yesterday.
“Additionally, the functionality of Garmin products was not affected, other than the ability to access online services”
Ok, Garmin, if functionality of Garmin products was not affected, tell me how can I download again my CIQ app…
Instead of running, today I spent another hour trying to setting up again my FR945. It’s already 10 AM. They told that the weak point of the FR945 was the Sony GPS chipset, in my opinion it’s his frustrating experience with internet (online services) and Garmin Connect in general. How many times do we have to read again “our servers are down”? OK, now they were hacked, but it’s not the first time that their servers are down.
My rant is over, I promise I won’t complain any more.
It’s good to complain and get rid of the negative thoughts…have a positive “rest of the day”
All rumour & hearsay but I read on a running forum that they paid up to decrypt the data, copied post below:
https://www.reddit.com/r/sysadmin/comments/hy3sn0/how_fucked_is_garmin_any_insiders_here/fzb2uq7/
TL;DR seems like all backups were corrupted/encrypted FIRST and then the other systems taken down. So they paid the ransom or they lost all user data.
Multiple sources saying that Garmin obtained the decryption key, but did not ‘directly’ pay the hackers. Most times, corps will pay a middle man company to look after the payment, that way they can’t be fined by US Government for entering transactions with someone who is sanctioned, Evil Corp in this case.
yes that was my assumption about what happened.
on the occasions where i looked at corporate backups they were always done very carefully and in a super-considered and safe way. Except no-one ever tested the restore procedure.
middle man: well. who pays the middle man, that’s collusion and equally as guilty in my eyes. I think the ‘crime’ of paying is unfair on Garmin (if they paid)
I’ve seen a single person (stupidly) click on some email attachment at work & end up with all their files encrypted. Luckily we have daily snapshots going back 10 days so an easy fix. That little mishap was amateur hour compared to what happened to Garmin but shows how easily these things can happen.
This had to be a probe of their system over a long period of time. I would not be surprised of some internal support within Garmin to find said Zero-Day exploit.
That is just a opinion based on no information on my end.