Stryker cyberattack claimed by Iran-linked group.

A pro-Iran hacking group claimed responsibility for the Stryker cyberattack, underscoring supply chain and third-party risks in medtech.

The Iran-linked hacking group Handala claimed responsibility for the cyberattack on Stryker, a US-based medical technology company. Handala stated the attack was retaliation for military strikes on Iran, specifically citing a "brutal attack on the Minab school". The group claims to have extracted 50 terabytes of data and wiped over 200,000 systems, servers, and mobile devices.

Stryker has acknowledged a global network disruption to its Microsoft environment due to a cyberattack but stated there was no indication of ransomware or malware. The company advised employees to disconnect from all networks and not turn on company devices. Reports indicate that Stryker offices in 79 countries were affected, forcing shutdowns.

Handala is believed to be a front for Void Manticore, a threat actor sponsored by the Iranian government. The group is known for phishing, data theft, extortion, and destructive attacks using wiper malware. Cybersecurity experts suspect the attackers gained access to Stryker's Active Directory services and used Microsoft Intune to remotely wipe connected devices.

The attack has disrupted Stryker's operations, potentially impacting global medical device production and healthcare supply chains. Some hospitals are reportedly unable to order surgical supplies they normally source from Stryker. The company's stock price also fell following reports of the breach.
