{
	"id": "3d48fc13-c995-48b6-a739-724be76fe8b1",
	"created_at": "2026-04-06T01:30:15.72763Z",
	"updated_at": "2026-04-10T03:22:14.112714Z",
	"deleted_at": null,
	"sha1_hash": "cf22cd64c3f2e538b108af86e14dd1200cc0443d",
	"title": "Garmin services and production go down after ransomware attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 691852,
	"plain_text": "Garmin services and production go down after ransomware attack\r\nBy Catalin Cimpanu\r\nPublished: 2020-07-23 · Archived: 2026-04-06 00:51:07 UTC\r\nSmartwatch and wearables maker Garmin has shut down several of its services on July 23 to deal with a\r\nransomware attack that has encrypted its internal network and some production systems, ZDNet has learned.\r\nThe company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which\r\nincludes shutting down its official website, the Garmin Connect user data-syncing service, Garmin's aviation\r\ndatabase services, and even some production lines in Asia.\r\nIn messages shared on its website and Twitter, Garmin said the same outage also impacted its call centers, leaving\r\nthe company in the situation of being unable to answer calls, emails, and online chats sent by users.\r\nThe incident didn't go unnoticed and has caused lots of headaches for the company's customers, most of which\r\nrely on the Garmin Connect service to sync data about runs and bike rides to Garmin's servers, all of which went\r\ndown on Thursday.\r\ngarmin-outage.png\r\nImage: Victor Gevers\r\nBut in addition to consumer wearables and sportswear, flyGarmin has also been down today. This is Garmin's web\r\nservice that supports the company's line of aviation navigational equipment.\r\nPilots have told ZDNet today that they haven't been able to download a version of Garmin's aviation database on\r\ntheir Garmin airplane navigational systems. Pilots need to run an up-to-date version of this database on their\r\nhttps://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/\r\nPage 1 of 3\n\nnavigation devices as an FAA requirement. Furthermore, the Garmin Pilot app, which they use to schedule and\r\nplan flights, was also down today, causing additional headaches.\r\ngarmin-aviation.png\r\nWhen ZDNet reached out for comment earlier, a Garmin spokesperson declined to confirm that the outage was\r\ncaused by a ransomware attack, citing an ongoing investigation, and they redirected us to a message the company\r\nhad shared on its website and Twitter profile.\r\nThis outage also affects our call centers, and we are currently unable to receive any calls,\r\nemails or online chats. We are working to resolve this issue as quickly as possible and\r\napologize for this inconvenience. (2/2)\r\n— Garmin (@Garmin) July 23, 2020\r\nHowever, since the incident took root at around 03:00am UTC, several Garmin employees took to social media to\r\nshare details about the attack, all calling it a ransomware attack. ZDNet has interviewed several and confirmed\r\ntheir claims. Employees from across two continents were told by their local IT staff on Thursday to shut down\r\ncomputers as ransomware was being spread across several branches, via its interconnected internal network.\r\nSome Garmin employees speaking online attributed the incident to a new strain of ransomware that appeared\r\nearlier this year, called WastedLocker. ZDNet has not been able to verify this particular claim.\r\nHowever, the incident appears to be much larger and more devastating than Garmin indicated via its initial\r\nstatement.\r\niThome, a Taiwanese tech news dedicated to IT topics and smart devices, shared an internal memo that Garmin's\r\nIT staff sent its Taiwan factories, announcing two days of maintenance mode planned for Friday and Saturday,\r\nJuly 24 and July 25.\r\nWhile the memo didn't specifically blame the impromptu maintenance mode on a ransomware attack, sources told\r\nthe Taiwanese news site the incident was caused by a \"virus\" confirming what we were told by employees.\r\nIn today's cyber-security landscape, only ransomware attacks have the destructive power to cause companies to\r\nshut down production lines, online services, websites, email servers, and call centers in a matter of hours and enter\r\ninto an impromptu maintenance mode.\r\nMust read:\r\nRansomware is now your biggest online security nightmare. And it's about to get worse \r\nRansomware attacks jump as crooks target remote working \r\nRansomware attack locked a football club's turnstiles \r\nThe reach of the infection remains unknown to third-party observers. Besides home consumer-grade wearables,\r\nsportswear, and smartwatches, Garmin also provides mapping and tracking solutions/equipment for the\r\nautomotive and maritime industry. The impact of the ransomware attack on these services remains unclear.\r\nhttps://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/\r\nPage 2 of 3\n\nIt also remains unclear if any customer data has been lost or stolen during today's incident. Over the past several\r\nmonths, ransomware gangs have modified their modus operandi to also include data theft besides file encryption.\r\nUntil Garmin manages to restore its services, users have now taken to social media sites to share tips with each\r\nother on how to save run and bike ride information to Garmin partner services, such as Strava, to avoid losing\r\nworkout information.\r\nto all the people freaking out because @garmin @GarminFitness services have been\r\ndown for 7+ hours: mount you watch via USB on your computer-\u003ebrowse to the\r\nactivities directory-\u003etake today's .fit file-\u003emanually upload it to a 3rd party service (e.g.\r\nstrava)-\u003ebreath\r\n— Marco Abis (@capotribu) July 23, 2020\r\nThis is a developing story. More updates will follow.\r\nSource: https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/\r\nhttps://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/"
	],
	"report_names": [
		"garmin-services-and-production-go-down-after-ransomware-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775439015,
	"ts_updated_at": 1775791334,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/cf22cd64c3f2e538b108af86e14dd1200cc0443d.pdf",
		"text": "https://archive.orkl.eu/cf22cd64c3f2e538b108af86e14dd1200cc0443d.txt",
		"img": "https://archive.orkl.eu/cf22cd64c3f2e538b108af86e14dd1200cc0443d.jpg"
	}
}