A cyberattack that appears to have knocked tens of thousands of Stryker systems offline this week is a sobering reminder of the need for robust and tested business continuity and disaster recovery plans. Iranian threat group Handala claimed responsibility for the attack, describing it as retribution for a recent airstrike and for the company’s alleged ties to Israel.
In a post on X, Handala claimed it had wiped about 200,000 Stryker “systems, servers and mobile devices” and exfiltrated 50 terabytes of data, with Stryker’s offices in 79 countries allegedly shut down. Stryker described the incident as a global network disruption to its Microsoft environment, noting it believes the issue has been contained and that it is working to understand the true scope while maintaining business continuity plans for customers and partners.
By Thursday, the company indicated some systems were still disrupted but that products such as its robotic surgical platform and real-time communication tools remained safe to use.