Navionics breach exposed hundreds of thousands of boat owners’ data

Publish date:

Navionics parent company Garmin fixed a database misconfiguration that exposed hundreds of thousands of boaters’ information to anyone who knew where to look.

A white hat security researcher — an ethical hacker who scans for security risks — notified Garmin about the misconfiguration in a Navionics backup database by MongoDB, one of the most widely used database providers in the world.

“The security researcher informed us that he accessed the database and downloaded a limited sample of data, which included a small number of customer email addresses and nicknames,” Garmin spokeswoman Carly Hysell told Trade Only Today.

No other customers were affected, Hysell said. “Once notified, we immediately investigated and resolved the vulnerability,” Hysell said. “We confirmed that none of the records or data were otherwise accessed or exfiltrated, and none of the data was lost.”

According to Tech Crunch, Bob Diachenko —’s newly appointed director of cyber risk research — said in a blog post that the 19 gigabyte Navionics database contained 261,259 unique records. The database had customer names, email addresses and navigational information.

“Navionics takes data protection very seriously, and we are grateful that Mr. Diachenko notified us of this misconfiguration using the responsible disclosure model,” Hysell said.

The breach is one of a string of MongoDB-based exposures, Tech Crunch said.

The database was designed to sit behind firewalls and was not automatically password-protected. Since more database are connected directly to the Internet, MongoDB refreshed its software to include a password by default, but many outdated installations are still unsecured, the publication said.

MongoDB databases have been hacked and had their contents downloaded and wiped, then held for ransom.


German Superyacht Yard Files for Bankruptcy

Nobiskrug cited a lack of orders, the Covid-19 pandemic and other factors in its decision to start the proceedings.

West Marine Acquired

The private-equity firm L Catterton will take a controlling interest in the retailer’s ownership.

Kicker Supports Two Events on Lake Havasu

The marine audio company will take part in the performance-boat events Super Cat Fest West and the Desert Storm Poker Run this weekend and next.

Bay Bridge Show Starts Tomorrow

The combined sail- and powerboat show runs through Sunday in Stevensville, Md.

Brunswick Corp. Arranges Covid-19 Vaccinations

The marine-industry conglomerate aims to protect employees and their communities against Covid-19.

Kadey-Krogen Announces New Ownership Structure

This summer, the builder and its new investor plan to reveal a five-year innovation and strategic plan.

What is America’s Finest Harbor?

Online voting is open in the US Harbors competition for the best U.S. harbor.

Bruce Van Wagoner to Retire

The 45-year industry veteran was marine group president for Wells Fargo Distribution Finance.

Patrick Acquires SeaDek Parent

The Indiana-based company continues its strategy of growth through acquisitions.