Iran-Linked Hacker Group Claims Cyberattack on U.S. Medical Company
An Iran-linked hacking group has claimed responsibility for a major cyberattack on U.S. medical technology giant Stryker, marking a significant escalation of cyber warfare amid rising tensions between Iran and the United States. The attack disrupted the company’s internal systems worldwide and temporarily affected operations for thousands of employees.
What happened
The hackers—reportedly associated with a group known as Handala—said they carried out the attack as retaliation for recent U.S.-Israeli military actions in Iran. According to posts on the group’s Telegram and social media channels, the operation targeted Stryker’s global network and internal communications systems.
Stryker confirmed that a cyberattack caused a global network disruption, affecting its internal Microsoft-based environment and limiting access to some company systems. The Michigan-based firm employs around 56,000 people across more than 60 countries, making it one of the largest medical device manufacturers in the world.
Devices and systems disrupted
Reports indicate that the hackers remotely interfered with corporate devices, including work phones and laptops. Some employees found that their devices suddenly stopped working, preventing them from accessing company systems or communicating internally.
Employees were instructed to disconnect corporate devices from the network and avoid turning them on as cybersecurity teams worked to contain the incident.
Hackers also reportedly placed their logo on internal login pages and claimed to have wiped or disrupted thousands of devices connected to the company network.
Data theft claims
The hacking group claimed it had stolen about 50 terabytes of company data, saying the information was now “in the hands of the free people of the world.” These claims have not been independently verified.
Stryker, however, stated that there was no evidence of ransomware or malware in the systems affected and that the attack appeared limited to certain internal environments.
Possible motive
The attackers said the cyberstrike was retaliation for a deadly strike on a school in Iran, which Iranian media claim killed more than 150 people. The incident has become a flashpoint in the broader U.S.–Iran conflict currently unfolding across the Middle East.
Experts say such attacks are part of a growing pattern in modern conflicts, where cyber operations are used alongside military actions to disrupt economies and infrastructure.
Cyberwarfare expanding
Security analysts warn that targeting a major healthcare supplier like Stryker could have wider consequences because the company provides equipment used in hospitals and medical facilities worldwide. Attacks on suppliers can cause cascading disruptions across healthcare systems, even if hospitals themselves are not directly targeted.
Cyber activity has increasingly become part of the ongoing 2026 Iran war, with both sides and affiliated hacker groups carrying out digital attacks alongside conventional military operations.
Current situation
Stryker said it is working to restore affected systems and continues to support customers through contingency measures while investigations into the breach continue.
Officials in the United States have also indicated they are closely monitoring potential cyber threats as tensions with Iran escalate.
This article may be prepared with the assistance of artificial intelligence (AI) and is reviewed before publication. While we aim for accuracy and timeliness, readers should verify important facts from official or primary sources. If you believe any information is inaccurate or that any content infringes your rights, please contact ainewsbreaking.com for review and appropriate action.
