The notification on the company’s website reads, in part as follows:
“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”
The same message was displayed on the company’s Facebook page, and was sent out on the company’s Twitter account.
This outage and the fallout from it, is ongoing, and specifics and details have proved to be somewhat difficult to come by. At present, there are unconfirmed reports that the outage stems from a successful WasterLocker ransomware attack executed against the company’s network that impacted an unknown number of systems and servers. However, the information leaking out from company employees is somewhat contradictory.
Assuming that the general buzz regarding a successful WasterLocker attack is correct, then odds are good that the damage to company resources was extensive. WasterLocker is well known for launching sophisticated attacks and demanding ransoms that frequently run into the millions of dollars.
Unfortunately, this isn’t the first time in recent months that Garmin has found itself in the crosshairs. Late last year, Garmin Southern Africa publicly disclosed that they were the victim of a Magecart attack that saw customer payment and other sensitive information stolen from any customer who had placed orders on the company’s shop.garmin.co.za portal.
Given the fact that ransomware attackers are known to steal copies of data before they encrypt files on the network, it’s likely that at least some sensitive customer information was taken. Again, at this point, we have no details from the company. We can only assume those will be forthcoming in the near future.