Hackers linked to Iran have claimed responsibility for a cyberattack targeting U.S.-based medical equipment company Stryker, resulting in its products going offline across its global offices.
Wednesday's attack left thousands of workers unable to access the company's systems, according to WOOD-TV.
Handala, the Iranian-linked hacker group, took responsibility for the attack in a social media post. It called the attack a retaliation "for the brutal attack on the Minab school and in response to ongoing cyber assaults against the infrastructure of the Axis of Resistance."
It continued, calling Stryker a "Zionist-rooted corporation" and "one of the key arms of the global Zionist lobby and a central ring in the 'New Epstein' chain." The hacker group’s logo appeared on Stryker company log-in pages following the attack, according to the Wall Street Journal.
Stryker purchased Israeli medical technology company OrthoSpace in 2019. The Independent has requested comment from Stryker.
The Minab school attack references the destruction of a school in Iran during the opening U.S. and Israeli attack in Tehran. At least 175 people, most of them children, were killed in the attack. A U.S. military investigation has determined that President Donald Trump's attack caused the destruction, though Trump himself has refused to accept responsibility for the deaths.
"In this operation, over 200,000 systems, servers, and mobile devices have been wiped and 50 terabytes of critical data have been extracted," the group wrote.
Stryker is a medical and surgical equipment maker based in Kalamazoo, Michigan. It reported $25 billion in global sales in 2025.
Stryker addressed the cyberattack in a statement posted to its website.
"Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems," the company said. "Stryker has business continuity measures in place to continue to support our customers and partners. We are committed to transparency and will keep stakeholders informed as we know more."
A healthcare professional, speaking on condition of anonymity, told KrebsonSecurity that virtually all U.S. hospitals that perform surgeries use some products from Stryker.
“This is a real-world supply chain attack,” the source said. “Pretty much every hospital in the U.S. that performs surgeries uses their supplies.”
John Riggi, the national advisor for the American Hospital Association, told the outlet that the AHA was not aware of any supply-chain disruptions stemming from the attack.
“As of this time, we are not aware of any direct impacts or disruptions to U.S. hospitals as a result of this attack," he said. "That may change as hospitals evaluate services, technology and supply chain related to Stryker and if the duration of the attack extends.”
Handala said in its statement that it released all of the data it stole to the public and threatened further cyberattacks.
“All the acquired data is now in the hands of the free people of the world, ready to be used for the true advancement of humanity and the exposure of injustice and corruption,” Handala said in its statement. "The era of the 'Epstein' rings and the demons of our time is over. 'Nimrod of this era,' even if you close your windows, we will build our nests everywhere. Get ready for the mosquito..."
Nimrod is a Biblical figure, a Mesopotamian tyrant who led a rebellion against God, with some mythology attributing the construction of the Tower of Babel to the leader.
Following the attack, Stryker employees were reportedly told not to log on to their computers or to connect to any of the company's mobile apps.
“We are experiencing a severe, global disruption impacting all Stryker laptops and systems that connect to our network,” a text sent to Stryker employees reportedly said, according to WOOD-TV.
The shutdown came just a day after FBI Director Kash Patel said his agency was working "24/7" to stay ahead of potential cyber attacks.
“FBI is working 24/7 to stay ahead of the threat and implement a sweeping Cyber strategy pursuant to President Trump’s ‘Cyber Strategy for America’,” Patel wrote in a social media post on Tuesday.
