Cyber Attack on Stryker Corporation
On March 11, 2026, Stryker Corporation experienced a significant global network disruption due to a cyber attack. The incident began shortly after midnight on the US East Coast and has led to the shutdown of operations in 79 countries, affecting the company’s extensive international reach.
The attack was claimed by Handala, an Iranian-linked hacking group, which stated that it had wiped over 200,000 systems and extracted 50 terabytes of critical data. Stryker, which employs approximately 56,000 individuals and operates in 61 countries, has confirmed that there is no indication of malware or ransomware involved in the attack. A spokesperson for the company stated, “We have no indication of ransomware or malware and believe the incident is contained.”
Impact on Operations
The scale of the disruption is significant, as Stryker’s operations span across multiple continents and sectors, including medical technology and devices. The company reported global sales of $22.6 billion in 2024, highlighting its importance in the healthcare industry. The forced shutdown of operations in numerous countries raises concerns about the potential impact on healthcare services and supply chains.
Handala, the group behind the attack, has been linked to Iran’s Ministry of Intelligence and Security and has a history of targeting Israeli organizations with destructive malware. In their statement, Handala claimed, “In this operation, over 200,000 systems, servers, and mobile devices have been wiped and 50 terabytes of critical data have been extracted.” This declaration underscores the group’s intent to inflict significant damage on Stryker’s operations.
Reactions and Official Statements
The cyber attack has drawn attention from cybersecurity experts and government officials, with concerns that it reflects a broader trend of Iranian proxies employing destructive cyber tactics against U.S. companies. Cynthia Kaiser, a cybersecurity analyst, remarked, “This is exactly the type of attack we have been worried about: Iranian proxies using destructive cyber attacks like data deletion against U.S. companies to retaliate.”
As Stryker works to assess the full extent of the damage and restore its systems, the timeline for recovery remains uncertain. The company has filed a Form 8-K with the SEC to formally disclose the incident, indicating the seriousness of the situation. Details remain unconfirmed regarding the full recovery timeline for Stryker’s systems, leaving stakeholders and the public awaiting further information.
