A large-scale cyber disruption hit medical technology giant Stryker early Wednesday, forcing the company to shut down parts of its digital network as investigators worked to understand the scope of the breach.
An Iranian-linked hacking group known as Handala later claimed responsibility for the incident, which cybersecurity experts say could be one of the most extensive cyberattacks to target a major U.S. medical technology company.
Employees and contractors reported widespread outages affecting devices connected to Stryker’s systems. According to reporting from The Wall Street Journal, the group’s logo briefly appeared on internal login pages while company-issued cellphones, laptops, and other remote devices running Microsoft Windows were wiped.
Stryker confirmed it experienced a major network disruption tied to a cyberattack.
“Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyberattack,” a company spokesperson said. “We have no indication of ransomware or malware and believe the incident is contained.”
The spokesperson did not identify a suspected perpetrator. Calls to the company’s headquarters in Portage, Michigan, were reportedly answered by an automated message stating the building was dealing with an emergency.
Handala posted a statement on its Telegram channel claiming the attack was retaliation for a strike on a school in Minab, Iran, that it said killed children. The group also cited “ongoing cyber assaults” as part of its justification.
Cybersecurity researchers have previously linked Handala to Iran’s Ministry of Intelligence and Security. The group emerged around 2023 and has taken responsibility for several cyber incidents targeting Israeli organizations and other regional entities.
Michigan State University cybercrime expert Thomas Holt said the scope of the disruption appears unusual.
“There’s a lot of different examples of these kinds of attacks,” Holt said, “but not one that has this extreme of a global set of effects.”
Stryker, which produces surgical equipment, implants, and hospital technology used worldwide, reported roughly $25 billion in revenue last year and employs about 56,000 people globally. Shares of the company fell more than 3 percent during Wednesday’s trading following news of the cyberattack.
