{"id":4826,"date":"2026-03-14T08:40:30","date_gmt":"2026-03-14T08:40:30","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/03\/14\/iran-claims-massive-cyber-attack-on-medtech-firm-stryker\/"},"modified":"2026-03-14T08:40:30","modified_gmt":"2026-03-14T08:40:30","slug":"iran-claims-massive-cyber-attack-on-medtech-firm-stryker","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/03\/14\/iran-claims-massive-cyber-attack-on-medtech-firm-stryker\/","title":{"rendered":"Iran Claims Massive Cyber-Attack on MedTech Firm Stryker"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

Pro-Iranian hackers have claimed a major scalp after causing global disruption at Fortune 500 medical technology vendor Stryker.<\/p>\n

The Handala group claimed in an online post that it wiped \u201cover 200,000 systems, servers, and mobile devices\u201d and exfiltrated 50TB of the firm\u2019s data.<\/p>\n

\u201cStryker\u2019s offices in 79 countries have been forced to shut down,\u201d the message claimed. \u201cAll the acquired data is now in the hands of the free people of the world, ready to be used for true advancement of humanity and the exposure of injustice and corruption.\u201d<\/p>\n

According to Stryker\u2019s website, the maker of neurotechnology, orthopaedics and surgery equipment employs over 56,000 people in 61 countries, and posted sales of $22.6bn in 2024.<\/p>\n

Read more on Iranian cyber-attacks: Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity.<\/em><\/p>\n

Stryker confirmed the attack in an 8-K filing with the SEC yesterday, noting that it led to\u00a0\u201cglobal disruption to the company\u2019s Microsoft environment.\u201d It added that there is no indication of ransomware or malware and the firm believes that the incident is contained.<\/p>\n

\u201cThe incident has caused, and is expected to continue to cause, disruptions and limitations of access to certain of the company\u2019s information systems and business applications supporting aspects of the company\u2019s operations and corporate functions,\u201d it continued.<\/p>\n

\u201cWhile the company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known. The company has business continuity measures in place to continue to support its customers and partners.\u201d<\/p>\n

Handala Is More Than a Hacktivist Group<\/strong><\/h2>\n

The Handala site was down at the time of writing, but experts were quick to lay the blame with the Iranian regime, which is currently engaged in an existential war with the US and Israel.<\/p>\n

\u201cFrom our perspective tracking Handala over the past year, the group has done an effective job presenting itself as a grassroots resistance movement. However, the tactics and targeting we observe are far more consistent with activity linked to Iranian state actors than with independent hacktivism,\u201d explained Kathryn Raines, cyber-threat intelligence team lead at Flashpoint.<\/p>\n

\u201cWhat makes the Stryker incident particularly concerning is the apparent use of enterprise management infrastructure \u2013 potentially weaponizing Microsoft Intune \u2013 to carry out destructive activity at scale.\u201d<\/p>\n

Huntress CISO, Chris Henderson, also suggested InTune may have been hijacked to wipe devices en masse, potentially after a credential compromise.<\/p>\n

\u201cThis goes to show geopolitical conflicts don’t stay overseas. Nation-state actors are targeting American companies that support critical infrastructure, healthcare, energy, and manufacturing, because the disruption extends far beyond the initial victim,\u201d he added.<\/p>\n

\u201cHospitals are waiting for equipment, patients are unable to receive care, and supply chains are grinding to a halt. This is the reality of modern conflict, and healthcare organisations are directly in the crossfire whether they realise it or not.”<\/p>\n

Image credit: JHVEPhoto \/ Shutterstock.com<\/em><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Pro-Iranian hackers have claimed a major scalp after causing global disruption at Fortune 500 medical technology vendor Stryker. The Handala group claimed in an online post that it wiped \u201cover 200,000 systems, servers, and mobile devices\u201d and exfiltrated 50TB of the firm\u2019s data. \u201cStryker\u2019s offices in 79 countries have been forced to shut down,\u201d the<\/p>\n","protected":false},"author":2,"featured_media":4827,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4826","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4826-ffbefbba-8f32-40ed-bcf2-c13520d91697-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4826","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=4826"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4826\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/4827"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=4826"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=4826"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=4826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}