A significant cyberattack has disrupted the global operations of Stryker, one of the largest medical device manufacturers in the world. The Iran-linked hacking group known as Handala has claimed responsibility, framing the cyberattack as a retaliation for a recent military strike that resulted in the tragic deaths of over 170 individuals, with a majority being schoolgirls in the southern Iranian city of Minab. This assault marks the emergence of what the group defines as a new frontier in cyber warfare.
In a statement, Handala announced it had seized approximately 50 terabytes of data from Stryker, asserting that this information is now accessible to “the free people of the world.” The timing of the hacking incident coincided with the onset of what is described as a U.S.-Israeli military offensive against Iran. Reports suggest that the school in Minab may have been deliberately targeted, igniting international outrage and prompting six senior Democratic senators in the U.S. to call for an investigation into the incident.
The cyber disruption began just after midnight on the U.S. East Coast, bringing down critical systems associated with Microsoft and affecting various devices, including laptops and mobile phones linked to Stryker’s networks. The company confirmed that it was dealing with a “global network disruption” due to the cyberattack and reassured stakeholders that there was no evidence of ransomware or malware involved. Stryker officials stated the situation appeared contained.
During the attack, employees reported seeing Handala’s logo displayed on company login pages, heightening concerns about the breach. Inquiries made to Stryker’s headquarters in Portage, Michigan, were met with a recorded message indicating that the company was addressing “a building emergency.” Meanwhile, requests for comments from both the FBI and the Department of Homeland Security’s cybersecurity agency went unanswered.
Stryker’s broad portfolio includes devices for surgical procedures, artificial joints, and patient care solutions, with revenues exceeding $25 billion in 2025. Its impact is felt globally, reaching upwards of 150 million patients across 61 countries.
In addition to targeting Stryker, Handala claimed to have executed a simultaneous attack on payments company Verifone, although Verifone denies experiencing any service interruptions.
As these cyber incidents unfold, Iran has intensified its rhetoric regarding potential threats to Western economic entities. The Iranian Revolutionary Guard Corps (IRGC) recently warned that institutions linked to the U.S. and Israel are now legitimate targets, and state-run media have identified several American tech firms, including Google, Microsoft, and Nvidia, as part of Iran’s new focus.
An Iranian security source suggested that the situation could escalate further, with implications for key regional waterways, drawing parallels to previous restrictions threatened by Tehran against ships navigating through the Strait of Hormuz. As the conflict takes a perilous turn, the international community is closely monitoring developments.
