Michigan-headquartered medical technology company Stryker experienced a damaging cybersecurity breach on March 11 that disabled portions of its worldwide network infrastructure, triggering a 3.6% decline in share value.
In a regulatory filing submitted to the SEC, the corporation disclosed that the attack restricted access to various information technology systems and critical business applications. The company refrained from providing an estimated timeline for complete system recovery.
Employees and external contractors took to social media platforms reporting that an Iranian-affiliated hacking group’s logo had materialized on corporate login screens. Phone calls directed to the company’s Portage, Michigan corporate offices were answered with an automated message indicating the facility was “currently experiencing a building emergency.”
According to Stryker’s statement, investigators detected no ransomware or malicious code and the company maintains that the security incident has been successfully contained. Nevertheless, the operational disruption reached far enough to impact its manufacturing facility in Cork, Ireland — which maintains a workforce exceeding 4,000 employees — along with additional locations in Limerick and Belfast.
The Iran-affiliated hacking collective Handala announced their involvement through official Telegram and X social media channels. The organization characterized the attack as retaliation for military action against the Minab girls’ school in southern Iran, where Iranian authorities claim approximately 150 students perished on the opening day of coordinated U.S.-Israeli military operations against Iran commencing February 28. Reuters has been unable to independently corroborate this casualty count.
Handala alleged they successfully wiped over 200,000 computing systems, servers and mobile endpoints, while exfiltrating 50TB of corporate data. The group additionally claimed Stryker locations spanning 79 nations were compelled to cease operations. The company has not provided verification of these particular assertions.
Reporting from The Wall Street Journal indicated the service disruptions commenced shortly after midnight Eastern time on Wednesday, subsequently cascading across global locations. Remote Windows endpoints — encompassing laptops and smartphones connected to Stryker’s corporate infrastructure — were completely erased.
Cynthia Kaiser, previously a senior FBI cybersecurity official and currently with Halcyon, stated: “This is exactly the type of attack we have been worried about: Iranian proxies using destructive cyber attacks like data deletion against U.S. companies to retaliate.”
Handala maintains an established history of malicious activity. Israeli cybersecurity company Check Point released research on Tuesday connecting the organization to numerous data breach-and-disclosure campaigns and destructive operations featuring data annihilation.
Gil Messing, Chief of Staff at Check Point, identified the group as operating under Iran’s Ministry of Intelligence and labeled them “the most notorious group affiliated with the Iranian regime.” He suggested their public acknowledgment of this attack represents “a new phase in Iran’s motivations.”
White House officials stated the Trump administration is “proactively monitoring potential cyber threats” and maintaining coordination with critical infrastructure entities and law enforcement organizations. Neither the FBI nor CISA provided responses to media inquiries.
Subsequent to the Stryker incident, Handala also announced a separate intrusion targeting Israeli financial technology firm Verifone. Verifone refuted this claim, asserting investigators discovered no indication of any security breach and confirmed zero service interruptions for customers.
Ken Sheehan, director of operations at Smarttech247, observed that Handala’s primary infiltration technique continues to be phishing campaigns and recommended organizations enhance cybersecurity awareness education programs.
Stryker maintains a global workforce of approximately 56,000 employees distributed across 61 nations and generated over $25 billion in annual revenue last year.
The post Stryker (SYK) Stock Plunges 3.6% Following Major Cyberattack by Iran-Backed Hackers appeared first on Blockonomi.
