One of America’s largest medical devices companies — Stryker — has been hit by a massive cyber attack that has sent its systems offline and disabled laptops and phones of its employees across the globe. On Wednesday, March 11, thousands of Stryker employees woke up to find their smartphones and laptops inoperational. For those unaware, Stryker is based in Portage, Michigan, and makes a variety of medical products, from artificial joints to hospital beds. It had revenue of more than $25 billion in 2025 and has a market valuation of about $132 billion. The company says it has 56,000 employees around the world. Stryker has operations across 61 countries.Hackers have linked the Stryker cyberattack to the reported military strike in the Iranian city of Minab. The group said that the attack was carried out as retaliation for the strike on a girls’ school that reportedly caused many deaths. This potentially marks the first known major cyber disruption of an American organization since joint US-Israeli strikes against Iran.

What Stryker said on the cyberattack

Stryker confirmed that it has experienced a global disruption to its Microsoft systems as a result of a cyberattack. “We have no indication of ransomware or malware and believe the incident is contained,” the company said. In a securities filing later in the day, Stryker said it was “working diligently to restore affected functions, but it expects the attack will keep disrupting company operations for an undetermined period.

Are Stryker employees in the US only impacted, or those outside as well

Employees across the United States, Europe, and Asia were locked out of their systems. Workers reported they could not access email, internal software, or communication tools. One of the hardest-hit locations was Cork, Ireland, where Stryker operates its largest site outside the United States. Th

What message Handala group hackers put along with its logo on laptops and phones of Stryker employees

The hackers displayed on the company’s internal login pages the logo of a collective that Western cyber threat experts have said is the Iran-linked group, Handala. Employees at Stryker saw the message after logging into laptops and phones that had been wiped during the cyberattack. The login screens showed the Handala logo and a statement from the hackers. The message reportedly read, “No need to learn Hebrew anymore. You won’t need it for much longer.” Employees said their laptops stopped working and login screens showed the hackers’ message. In several cases, personal mobile phones were also affected if they had the company’s work profile installed.

What is Handala and what it has said on attack on Stryker

Reports suggest that Handala is a pro-Palestinian hacking group. Reports suggest that Handala has claimed that it had attacked Stryker because it had connections to Israel. In 2019, Stryker acquired the Israeli company OrthoSpace. Stryker has also previously worked with the US military: Last year, it won a $450 million contract to supply medical devices to the US Department of Defense.

Did hackers wipe off data from laptops and mobile phones of Stryker employees

Yes, reports suggest that all data from the laptops and mobile phones of Stryker employee has been erased. The Handala hacker attack has also left employee laptops and mobile phones disabled. According to reports, .hackers deployed wiper malware that erased files and data from systems linked to the company’s Microsoft Windows environment.The wiping of devices prevented staff from accessing company systems, email, and internal communication tools, which halted operations across multiple locations.

What is the message displayed on disabled systems of Stryker

Handala hackers have claimed that they erased systems connected to the company and extracted large amounts of data. In a statement posted online, the group said that it has wiped over 200,000 systems, servers, and mobile devices and extracted 50TB of data. The statement further claimed that Stryker offices across 50-plus countries have been forced to shut down after the attack.

What Stryker told employees about the cyberattack

The company has asked its roughly 56,000 employees across the globe to disconnect from all networks and avoid turning on company-issued devices. IAccording to a memo seen by Bloomberg News, the company acknowledged that the attack had crippled its network.

How wiper attacks spread

Wiper malware usually enters systems through phishing emails, malicious downloads, or compromised websites. Attackers may also exploit software vulnerabilities to install the malware. Once inside a network, the malware identifies files, databases, or entire drives. It then deletes or corrupts data. Attackers often use privilege escalation to gain deeper access to systems. The goal is to destroy as much data as possible and stop normal operations. This can cause financial loss, operational shutdown, and damage to company reputation.

What White House said on Stryker cyberattack

“The Trump administration is always proactively monitoring potential cyber threats and driving a response with our world-class critical infrastructure regulator agencies and law enforcement entities,” a White House official said.