It’s not just some fitness smartwatch, as the linked Tweet might lead you to think:<p>> Pilots told the tech website that they had not been able to download new Garmin software with up-to-date versions of the aviation database, which is a legal requirement for flying. The Garmin Pilot app, which is used to schedule and plan flights, was also hit by the attack.<p>Source: <a href="https://news.ycombinator.com/item?id=23937097" rel="nofollow">https://news.ycombinator.com/item?id=23937097</a><p>PS in case you’re not into aviation - Garmin is used in smaller aircraft, not airliners but this is still a significant disruption - smaller planes and helicopters carry out important roles such as firefighting, heli ambulance, flying doctors services (e.g. in Australia) rescue ops etc.
The real issue is Garmin's lack of communication.<p>I'd be willing to bet that their legal and finance teams are fighting to keep them from saying anything (their earnings call is on the 29th).<p>So much goodwill is lost by companies that don't communicate when problems are affecting customers.
Rumour has it that it's been caused by a ransomware attack (although Garmin hasn't commented publicly) - I can't think of much else that would cause such a long outage.
My experience with Garmin devices is that the hardware is good but the software is average. GPS device for example are robust and they can function both with batteries and piles BUT the software can crash, searching for names on a map or entering text is almost guarantee to not work. They are years behind Android for example for user friendliness.
Better link with more details: <a href="https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/" rel="nofollow">https://www.zdnet.com/article/garmin-services-and-production...</a><p>A couple important excerpts (there's a lot more detail in the article):<p>> ... flyGarmin has also been down today. This is Garmin's web service that supports the company's line of aviation navigational equipment.<p>Other HN commenters have already elaborated on the implications of that.<p>> ... while we confirmed that this is a ransomware attack, we could not 100% verify claims that this was caused by WastedLocker.<p>Garmin hasn't officially commented on the cause, but they did tweet that their call centers are down (<a href="https://twitter.com/Garmin/status/1286278816302850048" rel="nofollow">https://twitter.com/Garmin/status/1286278816302850048</a>):<p>> This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)
<a href="https://status.inreach.garmin.com/" rel="nofollow">https://status.inreach.garmin.com/</a> has some status updates and says that SOS communication isn't affected.
More on this topic: <a href="https://www.theguardian.com/business/2020/jul/24/smartwatch-maker-garmin-hit-by-outages-after-ransomware-attack" rel="nofollow">https://www.theguardian.com/business/2020/jul/24/smartwatch-...</a>
For a view of how GARMIN must feel right now: <a href="https://www.feltet.dk/octo_cms/files/Feltet.dk/Billeder/2014/Lob/Giro_dItalia/1_etape/Giro_2014_1_etape_TTT_Garmin_-_Sharp_styrt_.jpg" rel="nofollow">https://www.feltet.dk/octo_cms/files/Feltet.dk/Billeder/2014...</a>
Two weeks ago I posted that I was suspicious of using 'cloud' based fitness data aggregation systems:<p><a href="https://news.ycombinator.com/item?id=23775957" rel="nofollow">https://news.ycombinator.com/item?id=23775957</a><p>In this case I hate to be proven right, but it's not looking good for Garmin. There's lots of road cyclists out there with $750 useless watches now. I can tell you that after this event the odds of me ever purchasing a Garmin device that relies on anything 'cloud' based have even further decreased.<p>Even if the watches can function offline, how can anybody have any degree of trust that all of their previously uploaded data has not been stolen? Based on the reported use of ransomware and the very lengthy downtime, it really sounds like Garmin's network was owned quite thoroughly. Is there some group out there now in possession of hundreds of thousands of .gpx files with detailed tracking points of peoples' residences, favorite running and cycling routes, and what times of the day they're usually away from home? Nobody knows.<p>After seeing 20+ years and many dozens of instances of data breaches from this that we would now define as 'the cloud', I find that the only solution is to simply not upload to a third party anything you consider proprietary information.<p>Meanwhile my fully offline or local-workstation-hosted GPX based tracking method continues to work normally.
This is not good but sadly any source of massive amounts of user data will continue to be targeted in this day and age. I'm an avid cyclist and use Garmin Edge GPS cycling computers. Luckily they store activities locally. I'm sure I'll be able to sync my rides soon enough ;)
Asked in a related thread already, but bigger audience here: Does anyone know who runs/hosts/maintains/secures GARMIN servers? Are they owned and operated by the company itself or is all or parts of it outsourced?