ATTACK on Stryker’s Microsoft environment wiped tens of thousands of employee devices without malware. The breach targeted Stryker’s internal Microsoft environment and remotely wiped devices without using malware, with the wipe affecting nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on 11 March. According to BleepingComputer, citing a source familiar with the incident, the action followed the compromise of an administrator account and the creation of a new Global Administrator account.
Stryker said the incident was confined to its internal Microsoft corporate environment and did not affect any of its medical products or connected devices. Handala claimed responsibility for the disruption, stating it wiped more than 200,000 servers, mobile devices and other systems and exfiltrated about 50TB of data, though Stryker described the event as not a ransomware attack. The company’s update on 15 March 2026 stressed that all Stryker products across its portfolio remain safe to use.