Stryker Faces Global Network Disruption Following Cyberattack
Stryker Corporation is currently grappling with a worldwide disruption of its Microsoft environment, triggered by a cyberattack.
In a statement disseminated on LinkedIn on Wednesday, the firm indicated that it does not suspect the involvement of ransomware or any other malicious software in the assault, asserting its belief that the event has been contained.
“Our teams are diligently working to ascertain the ramifications of the attack,” stated the company. “Stryker has established business continuity protocols to ensure ongoing support for our customers and collaborators. We are dedicated to transparency and will update stakeholders as further information becomes available.”
The company has not responded to MedTech Dive’s request for commentary by the time of publication.
Headquartered in Portage, Michigan, Stryker is a leading player in the medtech sector, specializing in orthopedic solutions. The company’s portfolio includes joint implants, surgical robots, and various medical apparatus, such as hospital beds.
Stryker employs approximately 56,000 individuals and has a presence in 61 countries. In 2025, the firm recorded a revenue of $25.1 billion.
A report from The Wall Street Journal indicates that the attack culminated in a global outage affecting Stryker’s systems, during which hackers remotely erased data on devices operating Windows, including cell phones and laptops.
Stryker instructed its workforce to disconnect from all networks and refrain from activating company-assigned devices, according to an email reviewed by the Journal.
An Iran-linked threat actor known as Handala has claimed responsibility for the intrusion, as asserted by a representative from Check Point Research.
Handala presents itself as a pro-Iranian hacktivist group; however, it is believed to operate under the auspices of Iran’s Ministry of Intelligence and Security, according to Palo Alto Networks Unit 42.
This attack signifies a marked escalation for Handala, representing its inaugural assault on a major U.S. corporation, as per findings from Check Point Research.
“The fact that they have targeted a significant medical device company is particularly concerning,” commented Sergey Shykevich, threat intelligence group manager at Check Point Research.
“Critical healthcare infrastructure is a high-value, high-impact target; disruption transcends mere data loss—it can jeopardize patient safety.”
Numerous hacktivist groups have undertaken attacks against entities in the Middle East since the onset of hostilities between the U.S. and Iran in late February.
An Iranian state-aligned actor, recognized as Seedworm or MuddyWater, has been implicated in targeting U.S. corporate networks since early February.
Researchers from Symantec and Carbon Black have discovered backdoors infiltrating the systems of various companies.
Source link: Cybersecuritydive.com.
