Stryker
Stryker Official Website

Medical technology giant Stryker has been forced to halt production after a large-scale cyberattack wiped thousands of devices and locked employees out of their systems.

The incident, linked to the Iran-aligned hacking group Handala, left staff scrambling to regain access to email, work profiles and company portals. Employees reported their laptops, mobile phones and even personal devices enrolled in corporate systems being wiped at around 3:30 AM Eastern Time.

The attack immediately affected operations at Stryker's global facilities, including its major manufacturing hub in Cork, Ireland, where essential medical device production has come to a standstill. With roughly 56,000 employees in 61 countries, the disruption has left the company facing significant operational and financial pressure as supply chains are stalled and products cannot be made.

How The Cyberattack Was Carried Out

According to reports, the disruption began shortly after midnight on the US East Coast. Employees discovered that devices connected to Stryker's Microsoft-powered network were wiped or locked, preventing access to critical enterprise applications such as Teams, VPNs and Microsoft Entra login systems. The company instructed staff to disconnect all company-issued devices from the internet and remove work profiles from personal devices.

Handala claimed responsibility for the attack via social media, framing it as retaliation for US and Israeli strikes on Iran. The group claimed to have extracted and deleted information from more than 200,000 systems, although Stryker has stated it has found no indications of ransomware or malware. Investigators are still assessing the full scope of the breach, but early reports suggest the attack was highly coordinated and targeted global systems simultaneously.

Staff have described the situation as chaotic, with many unable to access emails, corporate portals or even personal data from phones enrolled in company systems.

One employee reported being locked out of their eSim and personal banking applications, while others struggled to communicate with colleagues due to two-factor authentication failures. The attack affected Stryker's Portage headquarters in West Michigan, as well as Ireland's largest manufacturing site, where production lines have paused.

The company emphasised that its business continuity plans are active to support customers and partners, but the halt in production means no new medical devices are currently being manufactured. Analysts warn that extended downtime could have ripple effects on hospital supplies and surgical procedures, creating both financial and operational strain for Stryker.

International Links

Handala's claim comes amid rising tensions in the Middle East following recent US and Israeli strikes in Iran. Security experts suggest that multinational companies with global operations and extensive IT networks are increasingly vulnerable to state-linked cyber threats. Stryker joins other firms reviewing workforce safety and supply chain resilience in light of geopolitical developments.

While the cyberattack has caused immediate disruption, Stryker maintains that the incident is contained and continues to communicate with employees and stakeholders. However, the long-term impact on production schedules, customer deliveries and operational confidence remains uncertain. With thousands of devices affected globally, the company faces a challenging recovery ahead as it works to restore systems and resume normal manufacturing.

Stryker's current crisis highlights the growing intersection between international politics and corporate cybersecurity. A single hacking group has managed to stop production, compromise employee systems, and create a global pause in a company critical to medical technology. The question of how long production will remain offline remains unanswered, but for now, Stryker's employees and clients are left waiting while global operations remain at a standstill.

Writer's pick