I do a lot of running and cycling. I compete (against myself) in triathlons and have a lot of friends in the sport. I mention this because when Garmin has outage, I hear about it! All of my social feeds were full of posts like:
– OMG, Garmin!
– I can’t share my run, trust me.. I ran.. and it was fast!
– What?! No Garmin?
I know, it’s an exciting life.
Garmin wasn’t just down for system maintenance – they were almost down for the count! In a scene straight out of Mr. Robot, Garmin was reportedly hacked for ransom. According to Tech Crunch, instead of Rami Malek (from Mr. Robot), Evil Corp may have been behind the ransom attack and was looking for $10 million.
Instead of customers receiving a message that provided any kind of valuable feedback on the error, they received “system maintenance” messages on their devices and on the website. I can understand the vagueness of that message initially, but even after 48 hours customers were not getting an email about the situation and the website still said that it was just “temporarily unavailable.”
Instead of wondering what Elliot and Darlene are plotting with Mr. Robot, I’d like to question two issues with Garmin’s (lack of) responses: UX Feedback and System Error Recognition.
Feedback is one of Don Norman’s Design Principles: it’s “sending back information about what action has been done and what has been accomplished, allowing the person to continue with the activity. Various kinds of feedback are available for interaction design-audio, tactile, verbal, and combinations of these.” I can understand the initial message on the website or app, but shouldn’t the “feedback” be reflective of what is actually happening? There are probably technical reasons why this can’t be done, but I’d like some transparency.
Do I really need a server ID, timestamp, and a message telling me that my Garmin data can’t load on the site because of “system maintenance?” This message was posting 48 hours after the attack and after Tech Crunch, CNET and others could write about it.
I know this is 2020 and anything goes, but in a perfect world, I would like to see more transparency, crisis communication, customer centered messaging. If you’ve met a runner (or triathlete), you know three things:
- they like to talk about their training,
- never forget the first point, and
- never underestimate the vanity of the runner.
Garmin has this built into the DNA of the athletes they serve. Garmin could have tapped into their super powers by being more transparent, providing clear communication on their owned properties, and pushing messages to their customers through email. Perhaps a communication could have looked like this:
My fellow athletes – our Garmin sites have been attacked by people who probably have a 0.0 sticker on their car. Your privacy and personal information is our #1 priority and at this point, we do not think it has been compromised, but your weekend accomplishments can’t load right now. This ransom attack is more than an assault on our servers, it’s a slap in the face to you, our customers, and our community. We will continue to work with our tech team and the authorities to recover your weekend accomplishments. In the meantime, don’t press pause, keep running, cycling, hiking and attacking your goals. We support you and we can’t wait to celebrate with you.
If you were Garmin, what would you have done?