One82 Blog

Garmin Ltd. Forced to Pay $10 million to Recover Stolen Data

Written by Joe Marcal | Sep 17, 2020 9:35:49 PM

     
  Ransomware Amount
$10,000,000
 
     
  Impact of Attack
Website downtime, loss of
access to critical files
 
     


On July 23, 2020 a Russian-based hacker group successfully deployed a full-scale ransomware attack on Garmin Ltd. As a result, the producer of GPS technology and wearable experienced downtime on its website and lost access to critical files on its internal networks and production systems. The hacker group known as Evil Corp initially sought $10 million from Garmin to release a decryption key to access the data. However, the U.S. government prohibits transactions between U.S. individuals and Evil Corp., which has been officially classified as a cyber threat to U.S. interests.

Despite this, Garmin reportedly hired a third-party organization to transact on its behalf, so that they could pay the ransom to restore their stolen data. Fortunately, Garmin’s products were not affected beyond the lost access to online services during the attack. These kinds of attacks place the most sophisticated organizations in a difficult spot. Once important and confidential data is compromised, it can be sold on black markets and the costs of potential lawsuits begin to dwarf the ransom price demanded by hackers. Ransomware is a growing threat that calls for vigilant cyber security.