Honestly it would not bother me at all since my data is all pushed to Strava and Map My Run so in reality it is not lost. I do not pay Garmin anything for the service other than buying their device.
The price of the service
is built in to the cost of the device, so you're paying one way or another. At least Garmin devices actually work without the online service.
Just curious how many people would be OK with all their Garmin data gone with no compensation from Garmin for losing it? Or, another way, what are folks paying Garmin via the app to store and manage that data? Wouldn't you want a refund on the months where that data was no longer available? If that adds up to more than 10 million dollars Garmin pays the ransom. Because, seeing this happen to at least two companies I have close ties with IT folks at, recovering their data without paying the ransom wasn't possible. So it's either start over with all data GONE or pay the ransom.
I think this is the wrong way to look at it, though. If the cost to Garmin of losing whatever data was encrypted would have been more than $10 million, that's an argument for why Garmin should have had a proper backup strategy in the first place, not for paying a ransom which ultimately hurts the entire industry.
That's also an argument for putting hefty fines in place for anyone who does pay such a ransom. The cost of a ransom like this is more than just the $10 million, and it's not only Garmin that's paying it. Garmin should not be able to make that choice for the industry unless they're willing to pay what it ultimately costs for
everyone affected, and that's very difficult to quantify.
It's the same problem you have with any negative externality.