Garmin GPS services out for 4 days due to WastedLocker ransomware attack

Written 10 days ago by IanDorfman

GPS and navigation company Garmin is back online following a 4-day major worldwide service outage caused by a ransomware attack.

Some of the impacted services that were made unavailable due to what was later disclosed as a WastedLocker ransomware attack include the company's main Garmin.com website and its Small Garmin Connect iconGarmin Connect service. This is in addition to disruptions across its call centers and other connected services, including GPS navigation.

In a report by BleepingComputer, an anonymous Garmin employee revealed that the company's employees were first made aware of the attack when arriving at work on Thursday morning. The company's IT department attempted to remotely shut down any computer connected to its network but was unsuccessful. It then told all employees to shut down any computer connected to the corporate network that they had access to.

In order to prevent further permanent damage from ransomware encryption of all Garmin network-connected computers, the company decided to manually shut down their data center devices, which resulted in the days-long global outage.

Garmin has put out the following statement concerning user data and service availability following the outage:

"We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services. Affected systems are being restored and we expect to return to normal operation over the next few days."

Further coverage:
Garmin.com
BleepingComputer