Attack on Stryker’s Microsoft environment wiped employee devices without malware

3 Min Read

The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline.

A recent cyberattack on medical technology giant Stryker targeted its internal Microsoft environment and remotely wiped tens of thousands of employee devices without using malware. The company confirmed that its medical devices were not affected and remain safe to use. However, electronic ordering systems are still offline, forcing customers to place orders manually through sales representatives.

Last week, Pro-Palestinian hacktivist group Handala claimed responsibility for a disruptive cyberattack against medical technology firm Stryker.

The group claimed it wiped more than 200,000 servers, mobile devices, and other systems, forcing the company to shut down offices across 79 countries. The hacktivists also claimed they exfiltrated about 50TB of corporate data from the company’s infrastructure.


What do you think? Post a comment.


Handala appears as a pro-Palestinian hacktivist group but is widely seen as a front for Iran-backed Void Manticore, as reported by SecurityWeek. Known for phishing, data theft, extortion, and destructive wiper attacks, they also engage in info operations and psychological warfare. Since the Iran conflict began, they’ve targeted Israeli military servers, intelligence officers, and companies, stealing or wiping data.

- Advertisement -

EXPLORE MORE

Army officer sentenced to 12 years in prison for secretly feeding woman abortion pills

U.S. Army Capt. Brandon Jones-Adams has been sentenced to 12 years in…

Missing Juvenile Kaylah Myers from the 39th District

The Philadelphia Police Department is seeking the public’s assistance in locating a…

Genshin Impact Version Luna VIII update launches in July

Developer miHoYo has announced the next update for Genshin Impact launching next month,…

Brazil sounds alarm over US invasion threat

Washington’s terrorist designation of two criminal gangs could be used to justify…

Missing Person Michelle Rose from the 5th District Has Been Located

Missing Person Michelle Rose from the 5th District Has Been Located |…

Missing Juvenile Nayely Rodriguez from the 2nd District

The Philadelphia Police Department is asking for the public’s assistance in locating…

Stryker Corporation is a leading U.S.-based medical technology company that develops and manufactures devices and equipment used in hospitals, including surgical tools, orthopedic implants, medical imaging systems, and hospital beds. It is one of the world’s largest medical device manufacturers. Stryker reported global sales of $22.6 billion in 2024 and has over 53,000 employees.

The group said that this attack “is only the beginning of a new chapter in cyber warfare.”

image 42

Stryker said the incident was not a ransomware attack and no malware was deployed. BleepingComputer, citing a source familiar with the incident, reported that the attacker used the wipe command in Microsoft Intune to remotely erase data from nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on March 11. The action was carried out after compromising an administrator account and creating a new Global Administrator account. The investigation is being led by Microsoft’s Detection and Response Team (DART) with support from Palo Alto’s Unit 42. Stryker confirmed the breach was confined to its internal Microsoft corporate environment and did not affect any of its medical products or connected devices.

“All Stryker products across our global portfolio, including connected, digital, and life-saving technologies, remain safe to use. This event was contained to Stryker’s internal Microsoft environment, and as a result it did not affect any of our products—connected or otherwise.” reads the company’s update published on 03/15/2026 11:30 a.m. ET.

Pierluigi Paganini



Share This Article

CONVERSATION

Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted