Stryker, the Michigan-based medical device maker, was hit by a destructive cyberattack on March 11 that knocked out parts of its global network and sent its stock down 3.6%.
US medical technology maker Stryker was hacked in an attack that’s crippled the company’s global operations, according to a person familiar with the matter and a memo seen by Bloomberg News https://t.co/2T0FsKctf0
— Bloomberg (@business) March 11, 2026
The company filed with the SEC saying the attack cut off access to some information systems and business applications. It did not give a timeline for full restoration.
Staff and contractors reported on social media that the logo of an Iran-linked hacking group appeared on the company’s login pages. Calls to Stryker’s Portage, Michigan headquarters were met with a recording saying the company was “currently experiencing a building emergency.”
Stryker said it found no ransomware or malware and believes the incident is contained. That said, the disruption was widespread enough to affect its Cork, Ireland plant — which employs more than 4,000 people — as well as facilities in Limerick and Belfast.
Iran-linked group Handala claimed responsibility via its Telegram and X pages. The group said it was retaliating for the strike on the Minab girls’ school in southern Iran, which Iranian officials say killed around 150 students on the first day of U.S.-Israeli airstrikes on Iran beginning February 28. Reuters has not independently verified that figure.
The group claimed it wiped more than 200,000 systems, servers and mobile devices, and extracted 50TB of data. It also claimed Stryker offices in 79 countries were forced to shut down. Stryker has not confirmed those specific claims.
The Wall Street Journal reported the outages began just after midnight Eastern time on Wednesday, spreading globally from there. Remote Windows devices — including laptops and phones connected to Stryker’s systems — were wiped.
Cynthia Kaiser, a former senior FBI cyber official now at Halcyon, said: “This is exactly the type of attack we have been worried about: Iranian proxies using destructive cyber attacks like data deletion against U.S. companies to retaliate.”
Handala has a known track record. Israeli cybersecurity firm Check Point published a report Tuesday linking the group to multiple hack-and-leak operations and destructive attacks involving data destruction.
Check Point’s Chief of Staff Gil Messing said the group operates under Iran’s Ministry of Intelligence and called them “the most notorious group affiliated with the Iranian regime.” He said publicly claiming the attack signals “a new phase in Iran’s motivations.”
The White House said the Trump administration is “proactively monitoring potential cyber threats” and coordinating with critical infrastructure and law enforcement agencies. The FBI and CISA did not respond to requests for comment.
Following the Stryker attack, Handala also claimed a separate attack on Israeli fintech Verifone. Verifone disputed that, saying it found no evidence of any intrusion and had no service disruption for clients.
Smarttech247’s director of operations Ken Sheehan noted that Handala’s main attack method remains phishing and urged companies to step up cybersecurity awareness training.
Stryker has around 56,000 employees across 61 countries and reported more than $25bn in revenue last year.
The post Stryker (SYK) Stock Falls 4% After Iran-Linked Cyberattack on Global Network appeared first on CoinCentral.
