Medical technology maker Stryker Corp., hit by a crippling cyberattack linked to a pro-Iran group, is still investigating the breach and doesn\u2019t know when its systems will be back online.<\/p>\n
The company said in a regulatory filing Wednesday afternoon that it expects the breach to continue disrupting operations and \u201cthe timeline for a full restoration is not yet known.\u201d In an earlier memo seen by Bloomberg News, the company acknowledged that the attack had pummeled its network.<\/p>\n
A pro-Iranian digital activist group, Handala, has claimed responsibility for the hack, potentially marking the first known major cyber disruption of an American organization since joint US-Israeli strikes against Iran. Neither the company nor any cybersecurity agency has confirmed that an Iranian group was behind the incident.<\/p>\n
Many Stryker employees around the world were unable to work, so they were sent home from offices and told to avoid connecting to any Stryker networks or software through any device, according to a person familiar with the situation.<\/p>\n
Some employees have also seen data on their devices wiped as a result of the attack, said the person, who asked not to be identified because they weren\u2019t authorized to speak publicly about the matter.<\/p>\n
Shares of Stryker fell 3.6% to $345.78 in New York on Wednesday on news of the breach.<\/p>\n
A company spokesperson said in an earlier statement that the cyberattack caused a \u201cglobal network disruption to our Microsoft environment.\u201d<\/p>\n
\u201cWe have no indication of ransomware or malware and believe the incident is contained,\u201d the spokesperson said. \u201cOur teams are working rapidly to understand the impact of the attack on our systems. Stryker has business continuity measures in place to continue to support our customers and partners.\u201d<\/p>\n
Neither the FBI nor the US Cybersecurity and Infrastructure Security Agency responded to requests for comment.<\/p>\n
The Trump administration proactively monitors for potential cyber threats, and regulators and law enforcement entities are available for any response measures, according to a White House official who asked not to be identified and didn\u2019t specifically address Stryker\u2019s case.<\/p>\n
Stryker manufactures a wide range of medical devices and equipment with a focus on orthopedics, surgical tools, neurotechnology and spinal products. Its lineup includes emergency services and intensive-care disposable equipment, according to the company\u2019s website. Most of its products are marketed directly to doctors, hospitals and other health-care facilities and are available in more than 61 countries, according to the company\u2019s filings.<\/p>\n
Stryker generates about $25 billion in revenue annually and has a market valuation of about $132 billion.<\/p>\n
Handala claimed responsibility for the attack in a statement posted online Wednesday. The group portrayed its alleged actions as retaliation for a suspected US bombing of an Iranian school and threatened a \u201cnew chapter in cyber warfare.\u201d<\/p>\n
\u201cCritical health care infrastructure represents a high-value, high-impact target: Disruption doesn\u2019t just mean data loss, it can mean patient safety,\u201d said Sergey Shykevich, threat intelligence group manager at the Israeli cybersecurity firm Check Point Software Technologies Ltd.<\/p>\n
The attack unfolded dramatically beginning around midnight US Eastern time, when workers saw systems go down in front of them one at a time. Once they realized what was happening, employees scrambled to unplug some machines in order to save data, according to the person. The effort was frantic and had mixed results. In some offices, as many as 95% of the computers and devices have been wiped, the person said.<\/p>\n
In the operation, more than 200,000 systems, servers and mobile devices were wiped and 50 terabytes of data were extracted, Iran\u2019s semiofficial Tasnim news agency reported. Bloomberg News hasn\u2019t independently verified those claims.<\/p>\n
Handala suggested it had attacked Stryker because it had connections to Israel. In 2019, Stryker acquired the Israeli company OrthoSpace. Stryker has also previously worked with the US military: Last year, it won a $450 million contract to supply medical devices to the US Department of Defense.<\/p>\n
Photo: Photographer: Chris Ratcliffe\/Bloomberg<\/p>\n
Copyright 2026 Bloomberg.<\/p>\n