Stryker said on Tuesday it has contained a cyberattack that led to broad operational disruptions and is now concentrating efforts on bringing back online the systems that support customers - particularly those used for ordering and shipping.
The company reported the intrusion occurred on March 11 and affected multiple aspects of its operations. According to Stryker, the attack hindered order processing, manufacturing and shipments, creating obstacles across its commercial and production workflows.
An Iran-linked hacking collective identifying itself as Handala claimed responsibility for the incident on the same day, asserting the attack was in retaliation for a strike on a girls' school in Minab, southern Iran.
Stryker's internal investigation found that cellphones, laptops and other remote devices running Microsoft's Windows operating system - where those devices were able to connect to the company's computer platforms - were impacted by the attack. The company noted that no patient-related services or connected medical products were affected by the incident.
Stryker, which employs 56,000 people and has operations in 61 countries, said it is working with appropriate authorities and external cybersecurity specialists as part of its ongoing investigation. The company has not disclosed any details on the financial impact of the breach.
As a medical device manufacturer with a global footprint, Stryker emphasized restoring customer-facing infrastructure as the immediate priority. That includes systems used to accept orders and manage outbound shipments - functions that directly affect customers and the logistics chain that delivers medical devices to recipients.
The company provided no further specifics on timelines for a full return to normal operations, financial exposure, or additional technical details beyond the systems and device types identified as affected.