Body
Stryker, based in Portage, Michigan, said a cyberattack disrupted its global networks on Wednesday, prompting the company to assess the effect on its systems and services. In a statement published on its website, Stryker said it had “no indication of ransomware or malware” and believed the incident was “contained,” adding that its teams were working to understand the impact.
Stryker said the cyberattack affected its Microsoft programs. The company also said it did not immediately respond to emails seeking additional information.
In reporting on the incident, The Wall Street Journal said the logo of Handala, a hacking group linked to Iran, appeared on company login pages. Stryker did not describe that claim in the statement excerpted in the initial report.
In regulatory disclosures, Stryker told investors that it had not yet determined when all systems would be fully restored. In an SEC filing, the company said the timeline for restoration and the “full scope” of the impact on business were not yet known.
Recorded Future senior adviser Alexander Leslie said the pattern of targeting and impact stood out. Leslie said what was notable was the “escalation in target choice and effect,” and he told The Associated Press that attacking a high-profile U.S. health care manufacturer was “exactly the kind of pressure point that creates outsized strategic and political ripple effects.”
The incident highlights the operational risks facing large medical technology firms that connect corporate systems, vendor platforms, and customer-facing operations across countries. For patients and providers, the practical concern is how quickly IT disruptions can be identified, contained, and resolved—especially when companies are still determining the full scope of business impact.