An ensemble of cyber-attackers connected to Iran assert they have infiltrated the digital infrastructure of the American healthcare technology titan, Stryker, leading to global disturbances. By Wednesday’s dawn, numerous worldwide systems belonging to Stryker have been erased, and certain access portals now display the emblem of the cyber-criminal collective.
Handala, a collective of hacktivists, took credit for the intrusion via a statement published on an X (formerly Twitter) profile allegedly associated with them. The perpetrators stated their targeting of Stryker was “in reprisal for the savage assault on the Minab educational institution and as a reaction to persistent digital incursions targeting the vital networks” of Iran and its associates. They were alluding to the Minab girls’ academy in Tehran, which American armed forces reportedly struck during their recent bombardments in Iran, resulting in the fatalities of over 175 individuals, predominantly minors.
Stryker, a manufacturer of healthcare equipment and technological solutions for medical facilities, does not seem to possess a direct connection to the recent aggressions against Iran, despite maintaining operations in Israel and having secured a substantial $450 million agreement last year from the Department of Defense to furnish medical apparatus to the American armed forces.
“During this undertaking, more than 200,000 computing systems, servers, and portable gadgets have been purged, alongside the exfiltration of 50 terabytes of crucial information. Stryker’s branches spanning 79 nations have been compelled to cease operations,” the cyber-intruders declared.
The assertions put forth by the perpetrators possess at least partial verisimilitude. As per The Wall Street Journal, certain Stryker systems globally have indeed been erased, while others are displaying the emblem of the hacking collective on their access interfaces.
“Our personnel are diligently striving to reinstate systems and functionalities with the utmost speed. Stryker possesses established resilience protocols, and our dedication remains to persistently cater to our clientele,” a representative for Stryker conveyed to the Journal.
“Stryker is presently enduring a grave, worldwide interruption throughout its Windows ecosystem, impacting both user terminals and central servers,” stated an internal communication dispatched to staff, as reported by the WSJ. “This predicament is pervasive, substantially impeding users’ capacity to engage with various systems and offerings.”
Techcrunch event
San Francisco, CA
|
October 13-15, 2026
The corporation did not promptly provide a reply to TechCrunch’s inquiry for a statement. The United States Cybersecurity and Infrastructure Security Agency, an entity tasked with addressing digital intrusions, also refrained from responding to a similar appeal for input.
As stated by the IBM X-Force Exchange, Handala materialized following the October 7 assault by Hamas on Israel and has set its sights on Israeli civil infrastructure, energy firms within the Gulf area, and Western entities. “Its undertakings primarily aim to create both destabilizing and psychological repercussions,” the firm noted on the platform, which monitors malicious collectives. “Handala utilizes an expansive and dynamic set of instruments, encompassing phishing, bespoke data-wiping malicious software, ransomware-like coercive demands, information pilfering, and leak operations. Its various initiatives invariably showcase ideological communications, exaggerated or deceptive claims of breaches, and purposeful attacks against vital domains like medical care and power generation.”
Furthermore, Handala maintains a web presence that enumerates and publicly identifies numerous Israelis purportedly employed by or formerly affiliated with the Israeli Defense Forces, alongside significant indigenous defense and monitoring technology providers, including Elbit Systems and NSO Group.
The Israeli cybersecurity company, Check Point, indicated in a recent publication that subsequent to the commencement of hostilities in Iran, Handala is observed “infiltrating easily exploitable systems, engaging in data exfiltration and disclosure operations, and strategically orchestrating the release of pilfered content to amplify coercive impact.”
{content}
Source: {feed_title}