Skip to main content

Garmin services slowly coming back to life after reported ransomware attack

Update: In a Monday afternoon statement, the company confirmed that a cyberattack had impacted Garmin’s services, leading to an outage that impacted fitness devices, GPS gadgets, pilots, and the myriad other services the tech brand has touched in its long history. 

This time it’s the IT department that’s getting the workout.

Servers at fitness wearable maker Garmin are beginning to come back online after a ransomware attack reportedly forced the company to shut down operations last week. Some users with performance wearables that use the Garmin Connect services and app are once again able to sync their data, but all operations aren’t fully up yet, according to a Garmin services status page.

Garmin platforms such as Garmin Dive, Garmin Golf, and Live Track are all online, and any health and wellness data collected during the outage is still on the device, so users will be able to see their data once synced to Garmin Connect. Garmin’s app is still down for service, however, with servers showing limited service of app installation, slow data viewing, and delayed third party sync.

According to BleepingComputer, several flyGarmin services used by aircraft pilots are also down, as well as tracking through the Iridium satellite network.

Garmin app down
The Garmin Connect app warns that “we are down for maintenance.” The service has been down for days, following a reported ransomware attack. Jeremy Kaplan / Digital Trends

“Garmin is currently experiencing an outage that affects Garmin services including Garmin Connect,” the company noted on an outage FAQ posted to its site on Saturday. “As a result of the outage, some features and services across these platforms are unavailable to customers. Additionally, our product support call centers are affected by the outage and as a result, we are currently unable to receive any calls, emails or online chats.”

Garmin declined to offer additional details to Digital Trends.

The ransomware attack was reportedly caused by WastedLocker, malware from a Russian group that calls itself “Evil Corp” and is known for targeting American organizations with malware in exchange for high ransom payments. Garmin has not yet confirmed its loss of service was connected to a malware attack on its FAQ page about the attack, but assured customers that “Garmin has no indication that this outage has affected your data, including activity, payment, or other personal information.”

BleepingComputer reports that sources close to Garmin, as well as an employee at the company, shared screenshots confirming that the WastedLocker ransomware had infested Garmin servers.

Editors' Recommendations