Iran-linked hackers claim cyberattack on US medical device maker Stryker
Mar 12th 2026
Handala claimed responsibility for a cyberattack on Stryker, disrupting employee access to Microsoft systems and citing retaliation for the Minab school bombing; Stryker says the incident is contained but investigations and system restorations are ongoing.
- Handala, an Iran-linked hacktivist group, said it carried out the attack on Stryker in retaliation for the Minab school bombing.
- Stryker said the breach disrupted thousands of employees using the company’s Microsoft systems and warned the timeline for full restoration is unknown.
- Stryker told regulators it has no indication of ransomware or malware and believes the incident is contained while its investigation continues.
- Handala claimed to have wiped systems and extracted 50 terabytes of data, but provided no evidence for those assertions.
- Stryker’s shares fell about 3% after the attack was reported.
- Security firms say Handala emerged in 2023 and has previously targeted Israeli and regional infrastructure, and some analysts view the attack as a sign of Iran-linked cyber activity widening to US corporate targets.