Iran-linked hackers paralyze US medical giant Stryker in global cyberattack

American medical technology giant Stryker Corporation fell victim to a massive cyberattack, which paralyzed production and logistics processes at the company's branches worldwide. The enterprise confirmed serious disruptions in its IT environment based on Microsoft solutions, directly impacting order fulfillment and shipment of goods. The attack was claimed by the Iran-linked hacker group Handala, which declared these actions were a form of retaliation for an alleged attack on a school in the Iranian city of Minab. According to media reports, the same hacker group also allegedly targeted the company Verifone, specializing in payment systems.

The attack was destructive in nature and classified as a wiper operation, distinguishing it from typical ransomware incidents focused on financial gain. Hackers from the Handala group claimed they had permanently deleted data from the corporation's systems, leaving no possibility for recovery through ransom payment. However, in an official statement on March 13, 2026, Stryker representatives informed that the situation had been fully contained, and the company had begun the process of restoring operational capacity. „Ανακοινώνουμε στον κόσμο ότι, σε αντίποινα για τη βάναυση επίθεση στο σχολείο της Μινάμπ και σε απάντηση στις συνεχιζόμενες κυβερνοεπιθέσεις κατά του Ιράν, χτυπήσαμε τη Stryker” (We announce to the world that, in retaliation for the brutal attack on the school in Minab and in response to the ongoing cyberattacks against Iran, we struck Stryker) — Handala group via in.gr

At Stryker's production plants in Cork, Ireland, which significantly felt the effects of the incident, special repair procedures were implemented. Employees began returning to the facilities in limited numbers, forming so-called skeleton staff, whose task is the manual repair and reconfiguration of infected workstations. Stryker, a Fortune 500 company, supplies specialized surgical and orthopedic equipment to over 75 countries, and its products are used by approximately 150 million patients annually. Stryker Corporation is an American corporation headquartered in Portage, Michigan, with 60% of its 2024 revenue coming from the surgery and neurotechnology sector. The Handala hacker group had previously been linked by cybersecurity researchers to operations supporting Tehran's interests in the digital space. The city of Minab, mentioned by the hackers, is located in southern Iran in Hormozgan province.

Timeline of the Stryker cyber incident: March 2, 2026 — Threat warnings; March 11, 2026 — Attack detection; March 12, 2026 — Claim of responsibility; March 13, 2026 — Situation contained

Reach and status of Stryker Corporation: 1. Fortune 500 (Presence on the list of largest American enterprises); 2. Over 75 countries (Global distribution network for medical products); 3. 150 million patients (Annual scale of the company's product impact)