Stryker Corporation Attacked

On March 11, 2026, Stryker Corporation, a Fortune 500 medical technology company with 56,000 employees across 61 countries, suffered one of the most operationally destructive cyberattacks ever recorded against a U.S. healthcare company. The Iran-linked group Handala (a front for state actor Void Manticore, affiliated with Iran's Ministry of Intelligence and Security) gained access to Stryker's Microsoft Intune endpoint management console and issued mass remote-wipe commands to all connected corporate devices globally. The group claims over 200,000 systems were erased and 50TB of data stolen. Stryker filed an SEC Form 8-K, confirmed a global disruption to its Microsoft environment, and stated it found no evidence of traditional ransomware or malware — consistent with the "living off the land" MDM abuse vector used. The attack represents a significant geopolitical escalation: it is the first confirmed major Handala operation against a U.S. corporation and a direct response to U.S.-Israel military strikes on Iran.