Garmin confirms cyber attack caused system outage

Activity and location tracker company Garmin has confirmed that last week's outage was caused by a cyber attack that encrypted some of its systems, but stopped short of saying it was caused by ransomware.

On July 24, many of Garmin's online services went offline along with its call centres, email and online chat systems.

Users were unable to access the services and sync their data, and the outage affected Garmin's avionics products as well.

Now Garmin said it "was the victim of a cyber attack that encrypted some of our systems". 

"As a result, many of our online services were interrupted including website functions, customer support, customer-facing applications, and company communications," Garmin said.

Despite the attack causing a widespread outage, Garmin said it has no indicaiton that any customer data was accessed, lost or stolen.

This includes payment information from Garmin Pay.

Garmin did not provide further detail on the extent of the damage, or which kind of ransomware that was used to encrypt its systems.

Earlier reports claimed the Evil Corp criminals, best known for their Dridex banking malware that has caused hundreds of millions of dollars in losses worldwide, were behind the attack on the Taiwanese vendor, but Garmin has not confirmed or denied this.

The Russian criminals were said to have used the WastedLocker ransomware, demanding US$10 million to provide a decryption key for the scrambled files.

Again, Garmin has not confirmed whether or not it paid the ransom demand.

Evil Corp members and associated companies have been sanctioned by the United States government, making it illegal to have any dealings with them.

A leaked internal email pointed to Garmin being forced to close down production at its Taiwanese plant for two days last weekend.

Nevertheless, Garmin said it does not expect there to be any material impact to its operations.

Garmin said it is restoring the affected systems and expects to be back to normal operation over the next few days, and asked users to be patient while a backlog of information is being processed.

Many of the Garmin Connect services are back online now, but several only provide limited functionality.

The company's FlyGarmin, Pilot Apps, Connext and FltPlan avionics services are online again, but email and online chats remain out.