A cyberattack on July 23 knocked Garmin offline, disabling the company's online products and customer support. The company reported July 27 that most functions had been restored.
Garmin spokesperson Jessica Koss, reached via cellphone early on July 27, said the company was still working to resolve a computer problem that disabled many Garmin products, including the flyGarmin web portal that supports the Garmin Pilot electronic flight bag app. Hours later, most of Garmin's online problems had been resolved, though a flyGarmin system status message indicated that customer support staff remained unreachable by email and chat, with limited capacity for telephone support.
Garmin said there is no reason to believe that customer data was compromised:
"We have no indication that any customer data, including payment information from Garmin Pay™, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services," the company said.
While users of Garmin aviation products were certainly inconvenienced by the loss of internet connectivity and functions that depend on that, such as electronic flight plan filing, the timing could have been worse: Electronic navigation charts and instrument procedures were last updated on July 16, and the next update of the downloaded data is scheduled for August 13. Koss said the next aeronautical navigation database update will be available for download by FliteCharts subscribers on August 11.
The Associated Press reported July 24 that the disruption affected Garmin Connect, the company’s fitness tracking service, as well. Koss cautioned that some published reports contained inaccurate information, and Garmin GPS navigation systems and other avionics were not actually affected by the outage, though features and functions that require an internet connection were disrupted. The company’s email system was back online July 27; its telephone and other communications systems had also been offline for days, limiting Garmin’s ability to communicate with customers and the media.
An alert message displayed on Garmin’s website during the outage linked to a page that notes Garmin’s satellite communications products were not affected: “inReach SOS and messaging remain fully functional and are not impacted by the outage. This includes the MapShare website and email reply page.”
Multiple media outlets reported, based on information from unnamed sources, that Garmin was the target of a ransomware attack by hackers using a cyber weapon known as WastedLocker.
Garmin declined to immediately confirm the nature of the problem, and did not say whether the company had paid a ransom or overcome the attack in other ways. If published reports prove accurate regarding the nature of the attack and identity of the perpetrators, it may help explain why a giant multinational company struggled for days to restore communications and online services. By some accounts, the alleged ringleader of a Russian hacking operation reported to be behind the attack is wanted by the FBI and has been sanctioned by the U.S. government, which means that paying any ransom would violate federal law.
"We expect to return to normal operation over the next few days," Garmin said July 27. "We do not expect any material impact to our operations or financial results because of this outage."
Garmin is scheduled to report its quarterly earnings on July 29.
“As our affected systems are restored, we expect some delays as the backlog of information is being processed," Garmin concluded. "We are grateful for our customers' patience and understanding during this incident and look forward to continuing to provide the exceptional customer service and support that has been our hallmark and tradition.”