The Iran-linked cyber group Handala claimed responsibility for the attack.
A hacking group linked to Iran has claimed responsibility for a cyberattack on major medical device maker Stryker.
In a statement sent yesterday (March 11), Stryker said the cyberattack caused network disruptions around the world. “We have no indication of ransomware or malware and we believe the incident is contained,” the company said.
In a regulatory filing, Stryker acknowledged that the incident cut off access to some of its information systems and business applications, affecting operations. He did not know when the programs would be fully restored. Bloomberg noted an earlier memo in which Stryker said the attack disrupted its networks.
Pro-Iranian cyber group Handala claimed responsibility for the attack, marking what appears to be the first major disruption of a US organization since the start of the US-Israeli war against Iran on 28 February.
“Our major cyber operation has been carried out with complete success,” wrote the X page, which appears to belong to Handala, saying the attack was in retaliation for the “brutal attack on the Minab school” and “continuous cyber attacks against the infrastructure of the Axis of Resistance.”
In the post, the group said that the attack took down more than 200,000 systems, servers and mobile devices, and that 50 TB of important data was removed. The group also said that Stryker’s offices in 79 countries were forced to close.
“You did not take our warning seriously and entered into a dangerous game of attacking infrastructure. Now you are witnessing the most powerful and widespread cyber attack in recent years,” read a separate post on the page.
Michigan-based Stryker has about 56,000 employees and made more than $25bn in revenue last year making equipment such as orthopedic implants, surgical instruments and hospital beds.
Reports indicate that the company’s Cork factory, which employs more than 4,000 people, was affected by the attack. Stryker also has factories in Limerick and Belfast. The Wall Street Journal reported that the disruption started in the US before spreading around the world.
Smarttech247 operations director Ken Sheehan said there is evidence that they [Handala] target infrastructure and service providers around the world, to maximize disruption.
“Multiple reports are now linking this group to a targeted attack on at least one business operating in Ireland, related to it.
“With the recent outbreak of war in the Middle East, we have been advising customers that cyber risks will increase and greater vigilance is required to monitor these types of attacks.”
He recommended that organizations develop cybersecurity awareness training, especially regarding phishing and other social engineering attacks. Sheehan said the biggest threat to Handala is still phishing.
After its attack on Stryker on Wednesday, Handala’s page called X also claimed a cyberattack on Israeli fintech Verifone. Verifone, however, said it found no evidence of such an attack.
“We have seen the latest allegations on March 11, 2026 of threat actors claiming to have infiltrated our system in Israel,” a Verifone spokesperson told the Register. “Verifone has received no evidence of any incident related to this claim and there is no service disruption to our customers.”
Don’t miss out on the information you need to succeed. Sign up for Daily BriefSilicon Republic’s digest of must-know sci-tech news.
