Skip to main content
List Directory
  • News
  • World
  • Business
  • Entertainment
  • Sports
  • Tech and Science
  • Health
Menu
  • News
  • World
  • Business
  • Entertainment
  • Sports
  • Tech and Science
  • Health
Stryker Hit by Iran-Linked Hackers: Data Wipe & Global Shutdowns

Stryker Hit by Iran-Linked Hackers: Data Wipe & Global Shutdowns

March 22, 2026 Sarah Wu - Tech Editor Tech and Science

A significant cyberattack, employing a data-wiping technique, has targeted Stryker, a global medical technology company headquartered in Kalamazoo, Michigan. The attack, claimed by the hacktivist group Handala, has reportedly impacted systems across 79 countries and prompted a building emergency at Stryker’s U.S. Headquarters. More than 5,000 Stryker employees in Ireland were sent home Wednesday as the company scrambled to contain the disruption, with reports indicating widespread system outages and device wipes.

Handala and the Microsoft Intune Connection

Handala, as well known as Handala Hack Team, asserts responsibility for erasing data from over 200,000 systems, servers, and mobile devices. The group posted a manifesto to Telegram outlining their motives, linking the attack to a February 28th missile strike in Iran that reportedly killed at least 175 people, most of them children. The Modern York Times reports that a military investigation has determined the United States was responsible for the strike.

Security firm Palo Alto Networks has profiled Handala, connecting the group to Iran’s Ministry of Intelligence and Security (MOIS) through an entity called Void Manticore. Handala surfaced in late 2023 and is considered opportunistic, often targeting supply chains to reach downstream victims.

Interestingly, the attack doesn’t appear to have utilized traditional ransomware or malware. A source familiar with the incident told KrebsOnSecurity that the perpetrators leveraged Microsoft Intune, a cloud-based device management service, to issue a ‘remote wipe’ command to connected devices. Intune allows IT teams to enforce security policies and remotely manage devices, but in this case, it was reportedly exploited to erase data. Several Stryker employees have been advised to uninstall Intune, according to a Reddit discussion among affected users.

Impact on Healthcare and Supply Chains

Stryker, which reported $25 billion in global sales last year, is a major supplier of medical devices. The attack is already causing disruptions within the healthcare sector. One healthcare professional at a U.S. University medical system reported being unable to order surgical supplies normally sourced from Stryker, highlighting the potential for a real-world supply chain attack. The company employs 56,000 people across 61 countries.

The Maryland Institute for Emergency Medical Services Systems issued a memo on March 11th noting that Stryker had reported a “global network disruption.” As a precaution, some hospitals have temporarily disconnected from Stryker’s online services, including LifeNet, a system that allows paramedics to transmit EKGs to emergency physicians for faster heart attack treatment. The memo advises paramedics to initiate radio consultation if ECG transmission is unavailable.

Wiper Attacks and the Intune Vulnerability

Wiper attacks, as the name suggests, are designed to irrevocably erase data on infected devices. While typically involving malicious software, this incident demonstrates a novel approach using a legitimate IT management tool – Microsoft Intune – for destructive purposes. This raises questions about the security of such tools and the potential for abuse by malicious actors who gain access to administrative controls.

The use of Intune also suggests a level of sophistication and insider knowledge. Exploiting the service to issue a remote wipe requires understanding its functionality and having the necessary permissions. This points to a targeted attack rather than a broad, indiscriminate campaign.

Geopolitical Context and Motivations

Handala’s stated motivation for the attack – retaliation for the Iranian school strike – underscores the growing trend of cyberattacks linked to geopolitical tensions. The group refers to Stryker as a “Zionist-rooted corporation,” potentially referencing the company’s 2019 acquisition of the Israeli firm OrthoSpace. This framing aligns with Handala’s broader focus on Israel, as noted by Palo Alto Networks, though the group occasionally targets entities outside that scope when it serves a specific agenda.

The attack comes amid escalating tensions in the Middle East, raising concerns that state-aligned cyber actors may increase retaliatory operations against Western companies and critical infrastructure. This incident serves as a stark reminder of the interconnectedness between physical and digital security, and the potential for cyberattacks to disrupt essential services.

What Comes Next: Containment and Investigation

Stryker has stated that it is working to understand the full impact of the attack and has implemented business continuity measures to support customers and partners. The company has not indicated any evidence of ransomware or malware, and believes the incident is contained. However, the extent of the data loss and the long-term consequences for Stryker and its customers remain unclear.

The American Hospital Association (AHA) is actively exchanging information with the hospital field and the federal government to assess the threat and any potential impact on U.S. Hospitals. As of now, the AHA reports no direct disruptions, but continues to monitor the situation closely. Further investigation will be needed to determine the full scope of the breach, identify vulnerabilities that were exploited, and develop strategies to prevent similar attacks in the future. Industrial Cyber reports that Stryker has stated the Mako System used for orthopedic procedures is not a connected device and operates independently of the network.

Recent Posts

  • Madison Keys vs. Hanne Vandewinkel Live: French Open 2026 TV Schedule and Streaming Guide
  • Our Strict Quality Control Process for Returned Clothing
  • German Business Sentiment Shows Slight Recovery in May According to Ifo Index
  • The 2-week supplement to avoid travel tummy trouble – plus blood clots worries – The Irish Sun
  • Ukraine Achieves Major Battlefield Successes as Russian Casualties Mount

Recent Comments

No comments to show.
List Directory

List-Directory is a comprehensive directory of businesses and services across the United States. Find what you need, when you need it.

Quick Links

  • Home
  • Privacy Policy
  • Terms of Service

Browse by State

  • Alabama
  • Alaska
  • Arizona
  • Arkansas
  • California
  • Colorado

Connect With Us

Official social links will appear here when available.

List-directory.com
For contact, advertising, copyright, issues email: [email protected]

Privacy Policy Terms of Service