Medical technology giant Stryker Corp. confirmed Wednesday that it is experiencing a severe global network disruption due to a cyberattack targeting its Microsoft environment, with reports linking the incident to an Iran-backed hacking group amid escalating U.S.-Iran tensions.

The company, headquartered in Portage near Kalamazoo and a major player in surgical equipment, orthopedics, neurotechnology and patient care products, issued a statement on its website acknowledging the attack.

“Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyber attack,” the company said in an update posted March 11, 2026. “We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems. Stryker has business continuity measures in place to continue to support our customers and partners. We are committed to transparency and will keep stakeholders informed as we know more.”

The disruption began early Wednesday, shortly after midnight Eastern time, affecting thousands of employees worldwide. Reports indicate that remote devices including laptops, cellphones and other Microsoft Windows-based systems connected to Stryker’s network were remotely wiped or rendered inoperable. Employees received urgent text messages alerting them to the outage, and some described login pages displaying the logo of Handala, a pro-Iranian hacktivist group.

Handala, also known as the Handala Hack Team, claimed responsibility for the attack on social media platforms including Telegram. In a lengthy manifesto, the group asserted it had delivered an “unprecedented blow” by erasing data from more than 200,000 servers, mobile devices and other systems across Stryker’s operations in 79 countries. The hackers framed the incident as retaliation for U.S. and Israeli military strikes on Iran, specifically citing a “brutal attack on the Minab school” and ongoing cyber operations against the “Axis of Resistance.”

The Wall Street Journal first reported the suspected Iran link, noting that the attack marked a significant escalation in cyber operations tied to the ongoing conflict. Cybersecurity experts described the incident as a destructive “wiper” attack rather than traditional ransomware, focusing on data deletion and system disruption instead of extortion.

Stryker, which employs approximately 56,000 people globally and reported revenue exceeding $25 billion in 2025, emphasized that no evidence of ransomware or persistent malware had been found. The company stated it was collaborating with partners, including Microsoft, to restore systems and operations. Business continuity plans were activated to minimize impacts on customer support, though the full scope of operational disruptions remained unclear as of late Wednesday.

The attack comes against the backdrop of heightened geopolitical tensions following U.S. and Israeli military actions in Iran that began in February 2026. Iran has vowed retaliation through various means, including proxy operations and cyberattacks. U.S. officials have long warned of Iranian capabilities in asymmetric warfare, including cyber intrusions targeting critical infrastructure and private sector entities.

While Stryker’s core medical devices and manufacturing appear unaffected — with no reports of direct impacts on patient care equipment like defibrillators, hospital beds or surgical tools — the outage disrupted internal communications, remote access and potentially supply chain coordination. Facilities in locations including Ireland, where Stryker has significant operations in Cork employing thousands, reported similar system shutdowns.

Stock in Stryker (NYSE: SYK) fell about 3.6% on Wednesday amid the news, reflecting investor concerns over potential recovery costs, reputational damage and broader supply chain implications in the health care sector.

This is not Stryker’s first brush with cybersecurity issues. The company has previously issued advisories on vulnerabilities affecting its products, including responses to the WannaCry ransomware campaign and KRACK wireless protocol flaws in certain beds. In 2024, Stryker disclosed a separate data breach involving unauthorized access to internal systems between May and June, notifying affected individuals and regulators. However, the current incident appears distinct, focused on corporate IT infrastructure rather than product-specific vulnerabilities or patient data.

Experts noted that wiper-style attacks, while disruptive, are less common in Western targets compared to espionage or ransomware. Handala has a history of claiming politically motivated operations, often aligned with Iranian interests, though attribution in cyber incidents remains challenging without forensic confirmation.

Federal authorities, including the FBI and Cybersecurity and Infrastructure Security Agency (CISA), have not publicly commented on the Stryker case as of March 12, 2026. However, the incident aligns with broader warnings about Iranian cyber threats to U.S. companies, particularly those in strategic sectors like health care.

Stryker serves more than 150 million patients annually through its portfolio of medical technologies. The company urged patience as restoration efforts continue and promised further updates. No changes to patient safety protocols or product availability have been announced.

The cyberattack underscores the vulnerability of global enterprises to state-sponsored or affiliated actors in an era of hybrid warfare. As investigations proceed, the incident may prompt renewed calls for enhanced cybersecurity defenses across the medical technology industry.

Michigan-based medical device company Stryker announced on Thursday it is experiencing a “global network disruption” to its Microsoft suite following a cyberattack that may have ties to a pro-Iranian group.

Fox News spoke to a Stryker employee based in Boise, Idaho, who confirmed the attack and said they were unable to access their network. 

The employee said they were advised to avoid connecting to any Stryker VPN networks or software on any device, and coworkers’ work phones were wiped Wednesday morning. 

FILE PHOTO – Cyber security IT engineer working on protecting network against cyberattack from hackers on internet.  (iStock / iStock)

SILICON VALLEY ENGINEERS CHARGED WITH STEALING GOOGLE TRADE SECRETS AND TRANSFERRING THEM TO IRAN

In a message to customers, Stryker confirmed it is experiencing a global network disruption to its Microsoft environment as a result of a cyberattack. 

“We have no indication of ransomware or malware and believe the incident is contained,” Stryker wrote. “Our teams are working rapidly to understand the impact of the attack on our systems.”

A pro-Iranian hacktivist group later took to social media to claim responsibility for the cyberattack. 

The hackers, who alleged Stryker was a “Zionist-rooted corporation,” claimed 200,000 systems were affected and 50 terabytes of data were extracted.

It is unclear who is responsible for the cyberattack. (Reuters / Reuters Photos)

META CEO TO TESTIFY IN HIGH-STAKES TRIAL THAT COULD COST BIG TECH BILLIONS

Stryker has not yet confirmed the group’s involvement.

The same hacking group claimed to have breached New York City-based company Verifone, which provides technology for electronic payment transactions to 75% of the top retailers, according to the company’s website.

A spokesperson for Verifone told FOX Business the claims are false.

“Verifone closely monitors the security and integrity of its systems worldwide,” the spokesperson said. “We have observed recent allegations on March 11 from threat actors claiming an intrusion into our systems in Israel. Verifone has found no evidence of any incident related to this claim and has no service disruption to our clients.” 

Additional details about the cyberattack have not been released. (iStock / iStock)

CLICK HERE TO GET FOX BUSINESS ON THE GO

Stryker did not immediately respond to FOX Business’ request for comment.

Thailand’s Board of Investment believes the Middle East conflict is unlikely to significantly impact overall investment in Thailand. While some areas might experience specific effects, the broader investment landscape remains stable. The board remains optimistic about maintaining investor confidence and continuing to attract foreign investments despite regional geopolitical tensions.

The Bank of Thailand (BOI) has expressed confidence that the ongoing Middle East conflict is unlikely to significantly affect investment in Thailand. According to the BOI, Thailand’s economy is well-buffered due to its diverse investment portfolio and strong economic fundamentals, which offer resilience against external geopolitical tensions. The nation continues to attract investors due to its strategic location and robust infrastructure.

Thailand’s economic stability is further reinforced by its thriving industries, including tourism, manufacturing, and agriculture, which have consistently drawn international interest. The BOI emphasizes that these sectors provide a solid foundation for sustained growth, even amidst global uncertainties. Furthermore, ongoing government initiatives aimed at enhancing economic resilience bolster investor confidence in Thailand’s future prospects.

The BOI remains proactive in monitoring global situations, ready to implement strategies to mitigate any potential impacts on the economy. By maintaining open lines of communication with stakeholders, the BOI aims to reassure investors of Thailand’s commitment to maintaining a conducive investment environment. This reassured outlook positions Thailand as a reliable destination for investment, insulated from the immediate ripples of Middle Eastern geopolitical unrest.

source

Other People are Reading

This article was written by

Follow

PITTSBURGH (AP) — A tornado warning was briefly in effect Wednesday afternoon for portions of Allegheny County, including parts of Pittsburgh, as a line of severe thunderstorms moved through western Pennsylvania, prompting urgent safety alerts from the National Weather Service.

The warning, issued around 1:57 p.m. EDT, targeted central Allegheny County and northeastern Washington County until 2:30 p.m. EDT. Meteorologists detected radar-indicated rotation in a severe thunderstorm over McDonald, about 8 miles northwest of Canonsburg, moving east at approximately 40 mph.

“Hazard… Tornado,” the National Weather Service in Pittsburgh stated in the alert. “Source… Radar indicated rotation. Impact… Flying debris will be dangerous to those caught without shelter. Mobile homes will be damaged or destroyed. Damage to roofs, windows and vehicles will occur. Tree damage is likely.”

Locations potentially affected included Pittsburgh, Mount Lebanon, Bethel Park, McKeesport, West Mifflin, Baldwin, Upper St. Clair, Scott Township, Wilkinsburg, Whitehall, Robinson Township, Munhall, Brentwood, Swissvale, Dormont and Castle Shannon.

Residents in the warned areas were urged to take immediate action: move to an interior room on the lowest floor of a well-built building, away from windows. Those outdoors, in mobile homes or vehicles were advised to seek the nearest substantial shelter and protect themselves from flying debris.

The tornado warning was part of a broader severe weather event impacting the region. A tornado watch remained in effect until 8 p.m. EDT for multiple counties in western Pennsylvania, including Allegheny, Fayette, Greene, Indiana, Somerset, Washington and Westmoreland. The watch indicated conditions favorable for severe thunderstorms capable of producing tornadoes, large hail and damaging winds.

Earlier in the afternoon, a severe thunderstorm warning covered parts of Allegheny, Beaver, Washington and Westmoreland counties until 2:15 p.m. Severe thunderstorms tracked along a line from Coraopolis to near Avella, or from Moon Township to near Avella, moving east at 60 mph. Hazards included 60 mph wind gusts, with expected damage to roofs, siding and trees. Impacted communities ranged from Pittsburgh and Penn Hills to Ross Township, McCandless Township, Moon Township, Weirton, Franklin Park, Shaler Township, Plum, North Side Pittsburgh, Hampton Township, Scott Township, Wilkinsburg, Robinson Township, New Kensington, Lower Burrell and Harrison Township.

Additional severe thunderstorm warnings followed, including one for Allegheny, Armstrong, Beaver, Indiana, Washington and Westmoreland counties, with storms moving east at 55 mph from areas near Leechburg to Pittsburgh.

The Storm Prediction Center had placed western Pennsylvania, along with eastern Ohio and the northern West Virginia panhandle, under a “slight” risk (level 2 out of 5) for severe weather. Forecasters noted increased confidence in severe storms, with potential for a few significant events featuring damaging winds as the primary threat, though isolated tornadoes remained possible.

Meteorologists described the setup as a “messy” severe weather situation, with multiple rounds of storms possible through the evening hours, potentially until 10 p.m. The region faced threats of damaging winds, hail and isolated tornadoes amid an active weather pattern contributing to outbreaks across parts of the Midwest and South.

No immediate reports of confirmed tornadoes or major damage emerged from the Pittsburgh area as the warned storms passed. The National Weather Service encouraged residents to report any storm damage, including downed trees, power outages or structural impacts, via social media comments or official channels.

As the tornado warning expired around 2:30 p.m., some updates indicated cancellations for specific segments, such as those covering Pittsburgh, West Mifflin and Baldwin. However, the overarching tornado watch continued, signaling the need for vigilance through the evening.

The National Weather Service Pittsburgh office, based in Moon Township, maintained active monitoring. Interactive radar tools and wireless emergency alerts were recommended for real-time updates.

Severe weather events like Wednesday’s are not uncommon in early spring across Pennsylvania, where clashing air masses can fuel thunderstorms. Residents are advised to have a plan in place: identify safe shelter locations, monitor NOAA Weather Radio or local news, and heed all warnings promptly.

Forecasters stressed that tornadoes can develop rapidly from severe thunderstorms, leaving little time for preparation. Safety guidelines include avoiding windows, not opening doors to check conditions and staying informed via official sources.

As storms moved eastward, attention shifted to potential lingering effects, such as downed power lines or localized flooding from heavy rain accompanying the thunderstorms. No widespread power outages or injuries were immediately reported in connection with the afternoon warnings.

The event unfolded amid a national severe weather outbreak, with nighttime tornado risks noted in other regions earlier in the week. In western Pennsylvania, the focus remained on wind damage and the isolated tornado threat.

Local broadcasters, including WTAE, KDKA and WPXI, provided continuous coverage, urging viewers to stay tuned for updates. Social media posts from meteorologists and news outlets amplified the alerts, with some automated safety responses emphasizing immediate sheltering.

As of late Wednesday afternoon, the primary severe weather threats appeared to ease in the immediate Pittsburgh metro area, though isolated storms could persist. Residents were encouraged to remain weather-aware, especially with the tornado watch extending into the evening.

The National Weather Service continues to urge proactive preparation during severe weather season. Resources for safety tips, including thunderstorm and tornado preparedness, are available on weather.gov.