After all of Garmin’s services were knocked offline last week, it looks like the company’s various platforms are slowly sputtering back to life. Users on Twitter have joyfully noted that activities since Wednesday are starting to sync, while Garmin’s website lists which services have returned online.
That doesn’t mean everything is up and running at 100%. Garmin’s website still displays the same message from over the weekend, noting that the outage is impacting call centers and the company’s ability to receive calls, emails, or online chats. For instance, while platforms like Garmin Dive, Garmin Golf, and LiveTrack are listed as being online, Garmin Connect, ConnectIQ, and vivofit Jr. are listed as having “limited” connectivity.
Likewise, not all of Garmin’s features are fully back online either. As of this writing, activity details and uploads, dashboard, device registration, incident detection and assistance, reports, and segments are reportedly working fine. However, it would appear that generally speaking, more advanced features and syncing to third-party platforms—including Strava—might be experiencing delays. On Sunday night, Strava posted an update on its support page noting that activities from the three-day outage will automatically upload but that “given the volume, this may take a week or longer.” (Strava’s support page also details how you can manually upload Garmin workouts, in case you just can’t wait that long.)
While reports, including those from ZDNet and TechCrunch, have said the outage was caused by the WastedLocker ransomware, that has yet to be officially confirmed by Garmin. A BleepingComputer report cites a source as stating the people behind the attack, which may have begun in Taiwan, are demanding a $10 million ransom. It should, however, be noted that BleepingComputer was unable to independently verify the amount. Gizmodo’s emails to Garmin last week bounced back, and a followup did not immediately receive a response.
That said, Garmin has also published a short FAQ regarding the outage. In it, it notes that a user’s activity during the outage are stored locally on-device and will eventually make it online via Garmin Connect. It also says Garmin’s inReach SOS customers were not impacted by the outage, and that the company has “no indication that this outage has affected your data, including activity, payment, or other personal information.”
Even if no customer data was leaked, it’s probably a good idea to change your Garmin password as soon as possible.
Since initial publication, Garmin has confirmed via a public statement that it was the victim of a “cyber attack that encrypted some of our systems on July 23, 2020.” It did not, however, specify whether this was in fact WastedLocker. Instead, the company reiterated that it had no indication that customer data was accessed or stolen. It also stated that it expects normal operations to return over the next few days.
Update, 07/27/2020, 1:10 pm: Added information from Garmin’s public statement.