Do you have a Garmin watch?
If you don’t, you probably know someone who uses the GPS and fitness tracking equipment.
And, in that case, you’ll no doubt be aware that many of its services have been unusable over the past week following a widespread outage, reportedly caused by a ransomware attack.
So, how has the fitness technology provider managed this crisis media management incident and its time in the media spotlight?
Well, if there was trackable data for this kind of thing, it would be producing the type of reading that would require emergency help.
In short, the company has failed to follow some of the most basic crisis media management rules – and customers are not happy.
On our crisis communication training courses, which can be delivered on videoconferencing software and face-to-face, we always talk about the importance of providing timely communication to the media and customers, whatever the nature of the incident.
But what we have seen with Garmin is a lack of communication.
Initial reports of the problems were met with silence, which is never a great approach to crisis communication.
When it did address the issue, it did so through a Tweet which said little and only really served as a belated acknowledgement of the problems.
It said: “We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time.
“This outage also affects our call centres, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”
We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time. (1/2)— Garmin (@Garmin) July 23, 2020
This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)— Garmin (@Garmin) July 23, 2020
On Saturday, this was finally followed by a little more information on the incident in the form of a short ‘frequently asked questions’ page, which arguably didn’t answer the questions customer were asking and even then some of the responses didn’t sound particularly reassuring.
For example, it responded to the question about the security of customer data, by saying it has: “no indication that this outage has affected your data, including activity, payment or other personal information.”
Garmin dealing with a significant outage with a measly Q&A is so inadequate (their only outreach so far!) Isn’t there a crisis communication plan in place? You have to be transparent and communicate often. Your customers are losing patience #PR #Comms https://t.co/dbgomQ6t83— Thida Ith (@Thida_Ith) July 26, 2020
How many days can #Garmin go without making a statement. 101 of crisis comms...keep a rhythm of communication going.— scottzoback (@scottzoback) July 25, 2020
It's not like their core customers of pilots, runners, athletes are mildly obsessive or anything
Over 1 day and still nothing more than a mealy mouthed corporate speak message to explain the #garminoutage...get some PR advice and keep your users informed #garmin What is the best competitor to switch to #outragedgarminusers ?— Tai Ping Shan (@TaiPingShan) July 24, 2020
And that, together with an email to customers on Sunday, is pretty much the total of what it has said.
This seems a strange approach to a crisis which has made plenty of headlines and has the potential to cause lasting damage to its brand.
Suspected cyber attack forces Garmin fitness app to take a break The Times
Smartwatch maker Garmin taken offline after suspected cyber attack Sky News
Inactive wear! Smartwatch maker Garmin suffers widespread outages following ‘ransomware attack’ - leaving thousands unable to track their workouts Daily Mail
So, what should it have done differently?
Well, we would have expected far more updates from the company. You can’t really over communicate in this situation, particularly on social media, which is likely to be the first place affected customers will turn to for information.
Staying largely silent allows rumour, speculation and misinformation to fill the vacuum. That void has partly been filled here by Garmin employees seemingly unofficially confirming that the issues were caused by a ransomware attack.
Rule #1 don’t lose control over the message. You’ve got employees leaking to the press. You’re not out in front of this. The lack of transparency is terrible for your brand. #Garmin #garminoutage #garminhacked https://t.co/GfcpbAvIMg— randysnachos (@randysnachos) July 25, 2020
@Bitdefender— Marian Chicu (@marian_chicu) July 25, 2020
“ Garmin employees have told BleepingComputer that the company was struck down by the WastedLocker ransomware. Screenshots sent to BleepingComputer show long lists of the company’s files encrypted by the malware, with a ransom note attached to each file.”
Even if you don’t have much new to say, regular updates will help show your customers that you are still working to tackle the issue and that it remains a priority.
Those updates should show examples of the action you are taking to get things back on track. Talk about the number of people you have working on the problem and the progress they have made so far, even if it is small steps.
Of course, if the rumours are true and it is a ransomware attack, you will want to be careful about what you say because those behind the attack are likely to be looking at what you say.
But that doesn’t mean you can’t communicate.
I would also expect something that shows more empathy and sounds more sincere than an apology for the ‘inconvenience’.
We wrote about this recently in another blog about a crisis management incident which wasn’t handled well.
It is a phrase which makes apologies sound half-hearted, or even forced – like they are apologising because they think they have to, rather than because they genuinely believe they should say ‘sorry’.
I would like to have seen signs of visible leadership here. It doesn’t necessarily need to be the CEO – maybe the IT Director would be better placed given the nature of the incident.
But an effective crisis response typically involves someone high-up in the company being prepared to put their name to quotes and give interviews.
This helps not only to show that the crisis is being tackled at the top, but also gives a human side to the company. And that, in turn, can make messages more relatable, believable and authentic.
Imagine someone in Garmin saying something like: “I use my watch every day to track my runs and I share your unhappiness that we can’t currently do that.
“It is hugely frustrating and I am sorry that these services are still down.
“But our teams are working around the clock to get everything back up and running and I know we are making progress.
“I’m confident that all of us will be tracking our runs and workouts again soon and I will let you know as soon as you can do that.”
Eventually, as services began to be restored on Monday (27/7), there was a little more information from the company.
We are happy to report that many of the systems and services affected by the recent outage, including Garmin Connect, are returning to operation. Some features still have temporary limitations while all of the data is being processed.— Garmin (@Garmin) July 27, 2020
We’d like to thank all of our customers for your patience and understanding. For more information, please visit https://t.co/U3vwBre4U2.— Garmin (@Garmin) July 27, 2020
Although its Tweet on Monday night didn’t give much away, a statement on its website confirmed that it had been victim of a ‘cyber-attack’.
It said that it had “immediately” assessed the nature of the attack and “started remediation”. And it said there was ‘no indication’ customer data had been impacted.
It also went on to thank customers for their “patience and understanding” before adding – somewhat boldly considering what had been said about it on social media recently – that it “looks forward to continuing to provide the exceptional customer service and support that has been our hallmark and tradition.”
That last line aside, the statement included much of what it should have been saying during the incident, rather than waiting until the end.
Time will tell if that is enough for its customers or whether its poor crisis communication has put the health of its reputation at risk.
Media First are media and communications training specialists with over 30 years of experience. We have a team of trainers, each with decades of experience working as journalists, presenters, communications coaches and media trainers.
Subscribe here to be among the first to receive our blogs.