A gaggle of Iran-linked hackers say they’ve damaged into the servers of U.S. medical tech large Stryker, inflicting disruptions worldwide. As of Wednesday morning, a lot of Stryker’s international techniques have been wiped, and a few login pages are as an alternative displaying the emblem of the hacker group.
The hacktivist group, generally known as Handala, claimed accountability for the assault in a message posted on an X account purporting to belong to the group. The hackers wrote that they attacked Stryker “in retaliation for the brutal assault on the Minab college and in response to ongoing cyber assaults in opposition to the infrastructure” of Iran and its allies. The hackers have been referring to the Minab women college in Tehran, which the U.S. army reportedly bombed in its latest assaults on Iran, killing greater than 175 folks, most of them kids.
Stryker, which makes medical units and expertise for hospitals, doesn’t seem like instantly linked to the latest assaults on Iran, although it has operations in Israel and did final yr safe a $450 million contract from the Division of Protection to produce medical units to the U.S. army.
“On this operation, over 200,000 techniques, servers, and cellular units have been wiped and 50 terabytes of crucial knowledge have been extracted. Stryker’s places of work in 79 nations have been pressured to close down,” the hackers wrote.
The hackers’ claims seem like at the very least partly credible. In line with The Wall Road Journal, some Stryker techniques everywhere in the world have been wiped, and others are displaying the emblem of the hackers group on login pages.
“Our groups are actively working to revive techniques and operations as rapidly as attainable. Stryker has enterprise continuity measures in place, and we’re dedicated to persevering with to serve our clients,” a Stryker spokesperson informed the Journal.
“Stryker is at present experiencing a extreme, international disruption throughout the Home windows setting impacting each consumer units and servers,” learn a discover despatched to workers, in keeping with the WSJ. “The difficulty is widespread and considerably affecting customers’ potential to entry techniques and providers.”
Techcrunch occasion
San Francisco, CA
|
October 13-15, 2026
The corporate didn’t instantly reply to information.killnetswitch’s request for remark. The U.S. Cybersecurity and Infrastructure Safety Company, which responds to cyberattacks, didn’t reply to a request for remark.
In line with the IBM X-Drive Alternate, Handala emerged after Hamas’ October 7 assault on Israel and has focused Israeli civilian infrastructure, vitality firms within the Gulf area, and Western organizations. “Its operations deal with producing disruptive and psychological impression,” the corporate wrote on the change, which tracks menace teams. “Handala employs a broad and evolving toolkit, together with phishing, customized wiper malware, ransomware‑model extortion, knowledge theft, and hack‑and‑leak exercise. Its campaigns persistently characteristic ideological messaging, inflated or deceptive breach claims, and deliberate concentrating on of life‑crucial sectors similar to healthcare and vitality.”
Handala additionally has a web site that lists and doxes dozens of Israelis who allegedly work or used to work for the Israeli Protection Forces, in addition to main native protection and surveillance contractors, similar to Elbit Techniques and NSO Group.
Israeli cybersecurity agency Verify Level wrote in a latest report that for the reason that begin of the warfare in Iran, Handala is “breaking into low-hanging techniques, conducting hack-and-leak exercise, and timing the publication of stolen materials to maximise stress.”
