Cybercrime , Endpoint Security , Fraud Management & Cybercrime
Garmin Confirms Hackers Encrypted Several Systems
But Navigation and Smartwatch Company Stops Short of Saying 'Ransomware'Garmin broke its silence Monday, acknowledging that a hack attack that encrypted several of its systems last week led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. As of Monday, several of the affected services were again operating (see: Garmin Tight-Lipped About Cause of Outage).
See Also: Live Webinar | Crack Australia’s Code on Ransomware: Empowering Your Last Line of Defence
"Garmin Ltd. today announced it was the victim of [an online attack] that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted, including website functions, customer support, customer-facing applications and company communications," the company says in a Monday statement.
While the company did not use the specific term, the incident apparently involved a ransomware attack.
Garmin reiterated that it doesn’t believe hackers exfiltrated any data from its network.
"We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen," the company says, adding that consumer fitness data compiled on its products and apps was not lost and will be tracked.
The company did not immediately reply to an Information Security Media Group inquiry for further details.
Garmin says it expects all affected systems to be restored over the next few days. The company does not anticipate "any material impact to our operations or financial results because of this outage." It's scheduled to release its second-quarter earnings report on Wednesday.
At the height of the attack on Thursday, Garmin's primary website was offline along with its call center, the Garmin Connect fitness tracking service and some of its aviation navigation products, according to a company FAQ. As of Monday, the homepage and customer service center were functioning, along with Garmin Pilot Apps, flyGarmin, Connext Services and FltPlan.com. Garmin Connect, however, apparently was still not functional.
WastedLocker Ransomware Involved?
Published reports last week pointed to Garmin being victimized by Evil Corp's WastedLocker ransomware, based on social media posts reportedly made by Garmin employees who had knowledge of the attack.
WastedLocker is a relatively new ransomware strain that has been attributed to Evil Corp, a cybercrime group better known for its use of the Dridex banking Trojan (see: Evil Corp's 'WastedLocker' Campaign Demands Big Ransoms).