[BreachExchange] Garmin obtains decryption key after ransomware attack
Destry Winant
destry at riskbasedsecurity.com
Wed Jul 29 09:46:34 EDT 2020
https://metro.co.uk/2020/07/28/garmin-obtains-decryption-key-ransomware-attack-13046988/
Garmin appears to be getting its services back up and running after a
ransomware attack crippled the company last week. Users are reporting
that services like Garmin Connect, which work with the company’s
fitness trackers, are slowly coming back online.
Last week, malicious software infected Garmin’s corporate network and
encrypted its files. The software, called WastedLocker, was believed
to be deployed by a gang of Russian hackers who demanded a $10 million
ransom was paid in order to restore Garmin’s services to normal.
However, it doesn’t appear that Garmin paid the ransom in order to
wrest back control of its network.
Sources with knowledge of the Garmin incident spoke to Sky News on the
condition of anonymity and said that the company did not directly make
a payment to the hackers.
Meanwhile, Garmin has put out a statement explaining how it reacted to
the situation, but stopped short of giving any details on a ransom
demand. ‘Garmin Ltd. was the victim of a cyber attack that encrypted
some of our systems on July 23, 2020. As a result, many of our online
services were interrupted including website functions, customer
support, customer facing applications, and company communications,’
the company said.
Garmin has been experiencing issues for the last four or five days
(Garmin) ‘We immediately began to assess the nature of the attack and
started remediation. We have no indication that any customer data,
including payment information from Garmin Pay™, was accessed, lost or
stolen. Additionally, the functionality of Garmin products was not
affected, other than the ability to access online services.
‘Affected systems are being restored and we expect to return to normal
operation over the next few days. We do not expect any material impact
to our operations or financial results because of this outage. ‘As our
affected systems are restored, we expect some delays as the backlog of
information is being processed. ‘We are grateful for our customers’
patience and understanding during this incident and look forward to
continuing to provide the exceptional customer service and support
that has been our hallmark and tradition.’
More information about the BreachExchange
mailing list