GPS technology company Garmin is recovering from a recent ransomware attack and has reportedly received a decryption key to recover its files, suggesting it may have paid a ransom, as uncovered byBleeping Computer.
The site found that the attackers used the WastedLocker Ransomware and reported that they demanded $10 million as a ransom. Now, it also uncovered that Garmin is using a decryption key to regain access to its files, suggesting that the company may have paid that ransom demand or some other amount. The WastedLocker software uses encryption which has no known weaknesses, so the assumption is that to break it, the company must have paid the attackers for the decryption key.
Garmin was thevictim of the ransomware attackat the end of July, when hackers succeeded in shutting down services including Garmin Connect, the network which syncs data for Garmin customers using wearables such as watches. Affected systems came back onlinewithin a few days, but services continued to be slow for some users.
As well as the inconvenience for wearables users, the hack had some people worried about more serious consequences as well. Some aviation navigation software like the flyGarmin app was also affected, meaning it could have been in breach of Federal Aviation Authority (FAA) requirements.
The company reassured customers that no customer data was stolen, and that no payment information from the Garmin Pay payment system was accessed or stolen either.
OnTwitter, the company announced last week, “We are happy to report that many of the systems and services affected by the recent outage, including Garmin Connect, are returning to operation. Some features still have temporary limitations while all of the data is being processed.”
When asked for comment on these reports, a Garmin representative pointed Digital Trends to astatement the company madeabout the incident last week and said it had no further comments at this time.
Update June 21, 2025: Added response from Garmin
