Stryker on Thursday acknowledged that a cyber incident detected the previous day is causing broad disruption to its business operations, including the firm's ability to process customer orders, manufacture products and dispatch shipments.
The medical device maker said the disruption stems from an intrusion that affected its Microsoft environment, an issue the company first disclosed on March 11. Stryker said the incident has not affected any patient-related services or its connected medical products, but noted that the full scale and financial impact remain unknown as its probe continues.
An Iranian-linked hacking group identifying itself as Handala claimed responsibility for the attack and said it was carried out in retaliation for a strike on a girls' school in Minab, southern Iran. Iranian diplomatic officials reported an estimated 150 student fatalities in that school attack; Reuters has not independently verified that figure.
The company emphasized that its investigation into the cyber incident is ongoing. Stryker employs about 56,000 people and operates in 61 countries, and it said the operational disruption is widespread across its systems and processes. The firm did not provide a definitive timeline for restoration of normal operations.
While the immediate statement from Stryker indicated no impact to patient-facing services or to its connected medical products, the company acknowledged uncertainty about the final scope and financial consequences of the attack as recovery efforts proceed.
Separately, a third-party AI-based investment product referenced Stryker's ticker, noting that its system evaluates SYK alongside thousands of companies monthly using more than 100 financial metrics. That product stated it uses AI to identify opportunities based on fundamentals, momentum and valuation and cited prior winners it attributed to its process, including Super Micro Computer (+185%) and AppLovin (+157%). The promotional material invited readers to check whether SYK appears in its strategies or whether alternative opportunities exist in the same sector.
Summary
Stryker is managing widespread operational disruption after a cyberattack that affected its Microsoft environment, impairing order processing, production and shipments while investigations continue. An Iranian-linked group claimed responsibility and said the action was in retaliation for a school strike; casualty figures cited by Iranian officials have not been independently verified. The company reported no impact to patient services or connected medical products but said the full consequences are still being assessed.
Key points
- Cyberattack disrupted Stryker's ability to process orders, manufacture devices and ship products.
- Handala, an Iranian-linked hacking group, claimed responsibility, linking the action to a strike on a girls' school in Minab; casualty numbers cited by Iranian officials remain unverified.
- Stryker reported no patient-facing service disruptions and said the full financial and operational impact is not yet known; investigation is ongoing.
Risks and uncertainties
- Unclear scope of financial impact - the company has not yet determined the full economic consequences of the disruption.
- Operational recovery timeline uncertain - Stryker has not provided a definitive schedule for restoring normal order processing, manufacturing and shipping.
- Attribution and motive claim - the responsibility claimed by the Iranian-linked group and the casualty figures cited by Iranian officials have not been independently verified.