Stryker, a major medical technology firm, has experienced a massive global system failure following a wiper malware attack. The disruption was claimed by Handala, a hacktivist group with reported Iranian ties, which asserts it destroyed thousands of systems after exfiltrating 50 terabytes of data.
Stryker, a prominent Fortune 500 company specializing in surgical and neurotechnology equipment, is currently grappling with a catastrophic cybersecurity breach. The organization, which employs more than 53,000 people and manages operations across 79 countries, reportedly saw its global network paralyzed early Wednesday morning. Handala, a pro-Palestinian hacktivist group linked to Iranian intelligence, claimed responsibility for the assault, stating they wiped over 200,000 devices and servers after stealing a massive cache of sensitive company data.
The impact of the attack was felt immediately by staff in various regions, including the United States, Ireland, Costa Rica, and Australia. Employees reported that their company-issued laptops and mobile devices were remotely wiped without warning, often in the middle of the night. This reset even affected personal mobile devices that were enrolled in the company’s management software for work access, leading to a significant loss of personal data and prompts for staff to delete corporate applications like Teams and VPN clients.
Internal operations at the medtech giant have been severely compromised, forcing many locations to abandon digital systems entirely. According to employee reports, the lack of access to critical applications and internal services necessitated a shift to pen and paper workflows to maintain basic functions. The attackers further signaled their presence by defacing the company's login page with their group's logo, emphasizing the depth of the intrusion into Stryker's infrastructure.
In response to the crisis, Stryker has acknowledged a severe and global disruption and is currently working with partners like Microsoft to identify the root cause and restore functionality. Messages sent to staff in Ireland and Asia characterized the event as a critical enterprise-wide incident. While the company focuses on recovery, the outage has already drawn significant attention as one of the most substantial destructive malware incidents recently recorded in the medical sector.
The group behind the attack, Handala, has been active since late 2023 and is known for targeting organizations with malware designed to permanently erase data on both Windows and Linux systems. While they often present themselves as hacktivists, security researchers have linked their activities to state-sponsored operations intended to cause maximum operational damage. The group typically follows a pattern of stealing sensitive information before deploying their destructive wiper tools, leaving victims with the dual challenge of a data breach and a total system rebuild.
Source: Starbucks Discloses Data Breach Impacting Hundreds Of Employees