‘I fell prey to Garmin South Africa malware attack’

A senior software developer was almost out of pocket to the tune of R2 000 after his card details were compromised in a malware attack on Garmin South Africa’s website.

Ashley Kleynhans said he ordered a suction cup for his Garmin dashcam from the Garmin website, which resulted in his card details being compromised.

As a result, more than R2 000 was stolen from his account on a “dating and escort” site called Pairs before he was able to block his card to prevent “even more fraudulent transactions from going through”. Fortunately for Kleynhans, his quick action in response meant he managed to recover the money and stop more fraud from taking place.

Garmin South Africa said on its website on Friday that it had “recently become aware of a theft of customer data as part of a criminal cyberattack that affected customers who placed an order through shop.garmin.co.za”.

“This e-commerce site was operated by a third party on behalf of Garmin South Africa,” the company said.

“Promptly after learning of this incident, we immediately shut down the impacted system, began an investigation, and contacted the South African Information Regulator.”

Kleynhans, who banks with FNB, was fortunate in that the fraudulent transactions were only “reserved” and not actually fully debited against his account. The fraudulent transactions took place on Saturday, 7 September at about 7.40pm.

‘Suspicious transactions’

“I contacted FNB quickly enough to reverse them, so they didn’t actually go through,” he told TechCentral. “FNB’s fraud systems also detected the first transaction as fraud and sent me an SMS saying they have detected suspicious transactions on my card and to say ‘Y’ if they are me and ‘N’ if they are not, so I replied to ‘N’.”

He then reported all the transactions to the bank and cancelled his card through the the FNB app and and ordered a new one “because it’s much faster than talking to a human being”.

“I managed to prevent an additional fraudulent transaction from being declined by doing this. I then responded to the SMS afterwards and spoke to a call centre agent at FNB who reported the transactions as fraud and said they would need to investigate, and that it would take up to seven business days for them to be reversed. They were actually reversed by FNB in about two days, though,” he said.

“I e-mailed Garmin to inform them that fraud had been committed against my card due to their negligence and asked what steps they were taking to ensure that nothing like this would happen again, but they were unfortunately extremely unhelpful…”

In its statement, Garmin said it does not store credit card information, but an “unauthorised party leveraged virtual skimming technology to capture customer details at the time of input, including credit card information”.

“The compromised data was limited to Garmin’s South Africa website, which uses a separate e-commerce system operated by a third party,” it said. “This incident affected less than 6 700 customers in South Africa and does not affect customers who purchased from other Garmin websites in other regions.

“We take our obligation to safeguard personal data very seriously and regret any inconvenience this may have caused our customers. We are in communication with our South African customers who may have been affected by this issue and are working on safeguards to prevent future attacks.”

At the time of writing, the shop.garmin.co.za website was offline.  — (c) 2019 NewsCentral Media