Stryker Hit by Cyberattack Linked to Iran, Disrupting Operations Globally

A sweeping cyberattack, allegedly perpetrated by an Iran-linked hacking group, has significantly disrupted operations at Stryker, a leading U.S.-based medical technology company. The attack, which began shortly after 4 p.m. On Wednesday, March 11, 2026, involved the wiping of over 200,000 systems and the extraction of 50 terabytes of data, according to claims made by the hacking group.

Attack Claimed by Handala Group

The hacking group, identified as Handala, asserted responsibility for the attack, stating it was in retaliation for military strikes on Iran and what they termed “ongoing cyber assaults against the infrastructure of the Axis of Resistance.” Handala claimed to have shut down Stryker offices in 79 countries and that all extracted data is now accessible. The group likewise issued a warning to “Zionist leaders and their lobbies,” suggesting further cyberattacks are planned.

Impact on Stryker’s Operations

Stryker, founded in Kalamazoo, Michigan, is a global medical device giant with approximately 56,000 employees and reported $25.12 billion in revenue in 2025. The company manufactures a wide range of medical products, including orthopedic implants, surgical instruments, hospital beds, and robotic surgery systems. The cyberattack impacted Windows devices, including laptops and mobile phones connected to Stryker’s networks, which were remotely wiped. The logo of Handala reportedly appeared on login screens, according to reports from the Wall Street Journal.

Cybersecurity Experts Weigh In

Ken Sheehan, Director of Operations at Smarttech247, noted that his firm’s threat intelligence team had been monitoring increased cyber activity by the Handala group. He added that the group appears to be targeting infrastructure and service providers globally to maximize disruption and that attacks targeting businesses with operations in Ireland have been linked to the group. Sheehan emphasized the increasing cyber risk in the wake of recent hostilities in the Middle East, advising clients to maintain extreme vigilance. Reuters reported on these developments.

Further Attacks Reported

Handala also claimed responsibility for an attack on Verifone, a company specializing in electronic and point-of-sale payments. AFP has not independently verified these claims.

Stryker’s Response

According to the Wall Street Journal, Stryker issued an internal notice describing a “severe, global disruption across the Windows environment impacting both client devices and servers.” The company has engaged Microsoft to assist in the investigation.

Handala’s History

Handala, which has been linked to Iran, emerged around 2022 and has claimed a series of attacks on Israeli and Gulf-region companies in recent weeks.