Garmin Connect Back Online After Outage Due to Ransomware Attack [u]

After a four-day outage, Garmin services are starting to come back online. A ransomware attack took Garmin offline last week, causing a huge headache for its customers, as they were unable to access activity and fitness data, plus upload activities from Garmin devices.

“We are happy to report that Garmin Connect recovery is underway,” explains the Garmin Connect System Status page. “We’d like to thank you for your understanding and patience as we restore normal operations.”

Garmin Connect is listed as available in “limited” capacity, while Garmin Golf, Garmin Dive and LiveTrack are listed as “online”. Garmin’s ConnectIQ apps cannot be installed right now, while vivofit Jr. may have some stats delayed. The main feature of users being able to upload activities is back online.

According to the BBC, unnamed sources tell the publication Garmin is in the “final stage of recovery”.

Last week, it was reported the malware known as ‘Wasted Locker’ locked down Garmin’s computers, resulting in a huge SNAFU for the company. The ransomware demands users pay in order to unlock files and was claimed to be at $10 million USD. It’s unclear if Garmin ended up paying funds to unlock its computers.

An email sent out to customers by Garmin said delays of up to a “week or longer” could take place for data to come back to user accounts, due to a major backlog. Garmin also reiterated there was “no indication” data had been stolen or removed due to the incident.

The Garmin Connect outage meant customers wanting to upload activity data to third party services such as Strava, were unable to on the weekend.

In our own case, we had to manually upload a Garmin file to Strava’s website from our Mac (using a USB cable), to sync a recent ride on the weekend #firstworldproblems. As of writing, Strava Beacon, segments, routes and activity uploads are back online, but the latter may see a delay in being posted to Strava.

Update July 27: Garmin has officially responded this morning to the incident, saying “it was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications.”

Garmin added, “We immediately began to assess the nature of the attack and started remediation. We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.”

Systems affected are “being restored and we expect to return to normal operation over the next few days. We do not expect any material impact to our operations or financial results because of this outage.”