Iranian Hackers Used Stolen Credentials to Breach Medical Giant Stryker

Iran-linked hackers breach Stryker, wiping 200,000 devices globally. FBI investigates this major US cyberattack by Handala group.

By Content Team

Mar 18, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Iran-linked hacker group Handala compromised US medical technology company Stryker on March 11, wiping over 200,000 devices and forcing office shutdowns across dozens of countries. New evidence reveals the attackers likely used credentials stolen by infostealer malware, some potentially years old, to access Stryker's Microsoft Intune system.

The hackers created a global admin account through the compromised Intune administrator credentials, then remotely wiped managed devices. Stryker manufactures surgical equipment and orthopedic implants for hospitals worldwide. The breach disrupted order processing, manufacturing, and shipping, though the company says all products remain safe to use.

CISA and FBI are investigating the incident, marking the most significant Iranian cyberattack against the US since the Gaza conflict began.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Identity Abuse Drives Nearly Two-Thirds of Cyberattacks, Unit 42 Report Shows

Feb 17, 2026

Hightower Financial Services Hit by Data Breach Affecting 131,000 People

Mar 27, 2026

Critical Chrome Zero-Day Exploit Code Goes Public After Active Attacks

Mar 3, 2026

Shai-Hulud Worm Fuels $8.5 Million Trust Wallet Crypto Heist

Dec 31, 2025