Mar 12, 2026 12:08:00

Medical technology giant Stryker suffers global outage after cyberattack claims it is retaliation for missile attack on Iranian school

A hacktivist group with ties to Iranian intelligence has claimed responsibility for a data erasure attack against

Stryker , a global medical technology company based in Michigan, USA.

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker – Krebs on Security
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/

Cork-based Stryker hit with cyberattack linked to Iranian-backed group
https://www.irishexaminer.com/news/munster/arid-41808308.html

Stryker cyber attack: Thousands of Irish unable to work as hackers cripple global systems - Irish Mirror
https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017

Stryker, headquartered in Kalamazoo, Michigan, USA, is a medical and surgical equipment manufacturer that is expected to achieve global sales of $25 billion (approximately 3.97 trillion yen) by 2025.

Iranian hacktivist group Handara posted a lengthy statement on Telegram claiming to have launched a hacking attack against Stryker, claiming that Handara had wiped data from over 200,000 systems, servers, and mobile devices that they had hacked, forcing Stryker to shut down its offices in 79 countries.

Below is a screenshot of the statement posted by Stryker on Telegram.

Handara claims that 'all of the data collected is now in the hands of the free people of the world, ready to be used for the true advancement of humanity and the exposure of injustice and corruption.'

Handara claimed that the data erasure attack was in retaliation for the US and Israeli missile attack on an Iranian school on February 28, 2026, which killed at least 175 people.

The New York Times reported that 'an ongoing military investigation has concluded that the missile attack on the Iranian school was carried out by a Tomahawk missile used by the US military.'

Handara is one of several Iranian-linked hacker groups recently profiled by Palo Alto Networks that has been linked to the Ministry of Intelligence and Security of Iran (MOIS). According to Palo Alto Networks, Handara emerged in late 2023 and is assessed to be one of several online personas maintained by Void Manticore , a threat actor with ties to MOIS.

According to Stryker's website, the company has 56,000 employees in 61 countries around the world. On March 11, 2026, security analyst Brian Krebs called Stryker's headquarters and received a voicemail message saying, 'There is currently an emergency in the building. Please call back later.'

Stryker employees are reportedly communicating via WhatsApp about whether they can return to work. One employee said all network-connected devices have been taken down, and anyone who had Microsoft Outlook installed on their personal mobile phone has had their data wiped.

Data wipe attacks are typically cyberattacks involving malicious software designed to overwrite existing data on infected devices. However, reliable sources familiar with the attack say that in this case, the attackers appear to have used a Microsoft service called

Microsoft Intune to issue a 'remote wipe' command to all devices connected to the network.

Microsoft Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, providing a single, web-based management console for monitoring and controlling devices wherever they are. Several users claiming to be Stryker employees posted on Reddit that they were instructed to quickly uninstall Microsoft Intune.

Stryker is a major supplier of medical equipment, and the data erasure attack has already affected healthcare providers, with healthcare workers at a major US university saying they are no longer able to order surgical supplies that they normally source through Stryker.