Apparent Massive Garmin Data Breach

NOTICE: If you use a subscription Garmin product impacted by the current service outage and possible data breach, contact the Arnold Law Firm at (916) 777-7777.

On July 23, 2020, Garmin, a GPS navigation and wearable technology manufacturer, abruptly shut down its internal network, production systems and services, including the popular Garmin Connect app, which syncs data about fitness activity with its servers.

Garmin appears to have suffered a large-scale ransomware attack that crippled its infrastructure. Reportedly, Garmin employees were notified that a virus attacked one of the company’s servers, impacting the entire production line. Citing ongoing investigations, Garmin has not yet publicly confirmed this data breach or provided details regarding the apparent security attack.

The company’s website featured a general notice:

“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

Security experts speculate that the attack involved a new strain of ransomware called WastedLocker, custom code developed by a Russian hacker group known as Evil Corp. If a WastedLocker attack is confirmed, Garmin users may have more reasons for concern beyond being unable to track their workouts for a few days.

WastedLocker malware is known to:

  • Spread through fake software update alerts
  • Distribute through software downloads
  • Steal code-signing certificates and use them to sign malware. Certificates indicate that software comes from a trusted source, allowing malware to evade detection under the guise of legitimate software.

It is currently unclear if any customer data has been lost or stolen. However, ransomware attacks have increasingly involved customer data theft, in addition to file encryption.

Garmin anticipates multiple days of maintenance efforts to resolve the aftermath of the incident, involving shutting down its official website, the Garmin Connect user data-syncing service, Garmin’s aviation database services, and production lines in Asia. The outage also impacted Garmin’s call centers, leaving the company unable to answer calls, emails, and online chats.

Founded in 1989, Garmin offers GPS technology to the automotive, aviation, marine, outdoor, and fitness industries. The Kansas-based company has 14,500 employees in 65 offices around the world with $3.7 billion in annual revenues.

The Arnold Law Firm will continue to monitor this possible data breach and provide updated information as our investigation continues.

If you use a subscription Garmin product impacted by the current service outage and possible data breach, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible developing legal options.