Stryker attack wiped tens of thousands of devices, no malware needed

Stryker attack wiped tens of thousands of devices, no malware needed

Last week’s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.

The organization says in an update on Sunday that all its medical devices are safe to use but electronic ordering systems remain offline, and customers must place orders manually through sales representatives.

Stryker emphasizes that the incident was not a ransomware attack and that the threat actor did not deploy any malware on its systems.

Last week, Stryker was the target of a cyberattack claimed by the Handala hacktivist group, believed to be linked to Iran.

The attacker alleged that they wiped “over 200,000 systems, servers, and mobile devices” and stole 50 terabytes of data. However, investigators did not find any indication that data was exfiltrated.

Following the disruption, Stryker employees in multiple countries started to complain that their managed devices had been remotely wiped overnight.

Some employees had their personal devices enrolled in the company network and lost personal data during the wiping process.

Hackers had Global Admin privileges

A source familiar with the attack told BleepingComputer that the threat actor used the wipe command in Intune, Microsoft’s cloud-based endpoint management service, to erase data from nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on March 11.

The attacker carried out the action after compromising an administrator account and creating a new Global Administrator account.

The investigation is being conducted by the Microsoft Detection and Response Team (DART) in collaboration with cybersecurity experts from Palo Alto Unit 42.

Stryker’s update highlights that the attack did not impact any of its products, connected or otherwise, and was limited exclusively to the internal Microsoft corporate environment.

“All Stryker products across our global portfolio, including connected, digital, and life-saving technologies, remain safe to use,” the company says.

Restoration efforts are currently underway, the main focus being on resuming shipping and transactional services. Customers are encouraged to maintain normal communication with company personnel while the infrastructure is steadily recovered.

Any order placed before the cyberattack will be honored as systems are restored, while those placed during the disruption will be processed when systems are back online, and the supply flow resumes to normal.

The company is working with its global manufacturing sites to deal with potential operational impact.

Stryker’s current priority is to restore the supply-chain system and resume customer orders and shipping. “Our core transactional systems are already on a clear path to full recovery,” the company says.


tines

Red Report 2026: Why Ransomware Encryption Dropped 38%

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Read More
Ionut Ilascu

Latest

Berita celebrates milestone as ‘Namhlanje’ turns two months old

Music Celebrities Published on May 20, 2026 Berita is celebrating her...

What is a DAC? How to get better Lossless Audio on iPhone and Mac

Music Image: FoundryOliver Schusser, Apple’s Vice President in charge...

Nick Jonas Reveals Whether Daughter Malti Will Follow in His Musical Footsteps

Music About UsSubscribeContact UsFAQCareersClosed CaptioningWatch Full EpisodesSitemapE! International TV...

Newsletter

Don't miss

Berita celebrates milestone as ‘Namhlanje’ turns two months old

Music Celebrities Published on May 20, 2026 Berita is celebrating her...

What is a DAC? How to get better Lossless Audio on iPhone and Mac

Music Image: FoundryOliver Schusser, Apple’s Vice President in charge...

Nick Jonas Reveals Whether Daughter Malti Will Follow in His Musical Footsteps

Music About UsSubscribeContact UsFAQCareersClosed CaptioningWatch Full EpisodesSitemapE! International TV...

Global musicians go east as China becomes a major touring destination

MusicChina Entertainment News: Global musicians go east as...

Business seminar in Munich highlights Hong Kong’s strategic roles amidst global shifts (with photos)

Business seminar in Munich highlights Hong Kong's strategic roles amidst global shifts (with photos) ******************************************************************************************      The Hong Kong Economic and Trade Office, Berlin (HKETO Berlin), promoted Hong Kong's unique advantages and strategic roles at the seminar "Hong Kong's strategic role amidst geopolitical tensions" on June 18 (Munich time) in Munich, Germany.             Senior executives, investors

AI for business services: From job fears to productivity

AI for business services: From job fears to productivity

Business Insurance-AZ Achieves Record Response Times for 2026 Arizona Construction Bids

Business Insurance-AZ achieves milestone response speeds for commercial construction bids across Arizona, accelerating documentation delivery to keep local projects moving forward without delay. Phoenix, AZ, June 06-2026, ZEX PR WIRE — Business Insurance-AZ has achieved record-breaking processing speeds and response times for commercial construction bids throughout Arizona, directly supporting the state’s massive infrastructure and advanced manufacturing boom