Stryker’s Response to Cyber Attack: How the Medtech Giant is Strengthening Cybersecurity Measures

Stryker Hit by Wiper Malware Attack

Stryker, a leading medical technology company, recently fell victim to a wiper malware attack orchestrated by Handala, an Iranian-affiliated hacktivist group known for its pro-Palestinian stance.

The Fortune 500 company, boasting over 53,000 employees and global sales of $22.6 billion in 2024, specializes in manufacturing surgical and neurotechnology equipment.

According to Handala, they successfully infiltrated Stryker’s network, extracting 50 terabytes of data and wiping tens of thousands of systems and servers, causing significant disruptions and forcing the company to cease operations.

The hackers claimed responsibility for the attack, stating, “In this operation, over 200,000 systems, servers, and mobile devices have been wiped, and 50 terabytes of critical data have been extracted, leading to the shutdown of Stryker’s offices in 79 countries.”

Reports from alleged Stryker employees in various countries confirm the extent of the attack, with devices being remotely wiped and the company’s Entra login page defaced with the Handala logo.

An employee recounted how the incident unfolded, with managed Windows and mobile devices being reset remotely, resulting in data loss for those with personal phones enrolled for work access.

As a consequence of the attack, internal services and applications were disrupted, leading to some locations resorting to manual workflows due to system unavailability.

Stryker is currently in the process of restoring its systems following the global outage triggered by the attack, as reported by The Wall Street Journal.

The origins of Handala trace back to December 2025, characterized by its affiliation with Iran’s Ministry of Intelligence and Security (MOIS) and its targeting of Israeli organizations with destructive malware aimed at wiping Windows and Linux devices.

Known for both data theft and publication on data leak portals, Handala operates under various aliases such as Handala Hack Team, Hatef, and Hamsa.

Despite attempts to reach out to a Stryker spokesperson for comments on the incident, a response was not immediately forthcoming.

Malware Evolution: The Red Report 2026

Stay informed about the latest trends in malware. The Red Report 2026 delves into how new threats leverage mathematical techniques to evade detection and operate stealthily.

Access our comprehensive analysis of 1.1 million malicious samples to uncover the top 10 techniques and assess the efficacy of your security measures.

Download The Report