On Thursday, March 12, the medical equipment giant Stryker, headquartered in Michigan, USA, faced a cyberattack leading to a “global network service disruption” on the Microsoft system it uses. A pro-Iran hacker group has claimed responsibility for the attack.
According to Fox News, an employee at Stryker in Boise, Idaho confirmed the cyber incident and mentioned that they were currently unable to access the company’s internal network. The employee revealed that everyone had been advised to avoid connecting to Stryker’s VPN or related software on any device, and colleagues’ work phones had their data remotely wiped on Wednesday morning, March 11.
Furthermore, an insider disclosed to The Wall Street Journal that the hackers left their organization’s logo on the internal login page of the company.
In a statement to its customers, Stryker confirmed that due to the cyberattack, a global network disruption occurred in its Microsoft operating environment. The company stated, “There are currently no signs of ransomware or malicious software; we believe the incident is under control, and our team is actively investigating the impact of the attack on the system.”
Later on the same day, Stryker mentioned in a securities filing that they are working diligently to restore the affected functions, but anticipate that the attack will continue to disrupt the company’s operations for a while.
A pro-Iran hacker group named “Handala” claimed responsibility for the cyberattack on social media. They accused Stryker of being a company with “fundamentals of Jewish Zionism” and claimed to have attacked 200,000 system devices, stealing up to 50 TB of data.
Handala emerged around 2022, and multiple threat intelligence companies have linked them to Iran. Their attack operations typically involve political propaganda and methods such as web intrusions, homepage replacements, data leaks, and Distributed Denial of Service (DDoS) attacks.
In recent weeks, the group also claimed to have launched a series of attacks on businesses in Israel and other companies in the Persian Gulf region.
Stryker has not confirmed whether the organization is involved and has not immediately responded to media requests for comments.
It is worth noting that the same hacker group has also claimed to have breached the headquarters of the payment technology company Verifone in New York. According to Verifone’s website, the company provides electronic payment transaction technology to up to 75% of the world’s top retailers.
However, a Verifone spokesperson strongly denied this claim to FOX Business, stating, “Verifone closely monitors the security and integrity of global systems. We have noticed threatening behavior claiming to have breached our system in Israel on March 11. However, our company has not found any evidence related to this breach, and customer service was not interrupted.”
In response to the incident, a White House official stated, “The Trump administration is consistently monitoring potential cyber threats and working together with our world-class critical infrastructure oversight agencies and law enforcement to drive response strategies.”