Pro-Iran Hackers WIPE 200,000 Medical Systems

Person in hoodie and mask using computer, multiple screens. — 200K MEDICAL SYSTEMS HACKED!

A pro-Iran hacking group just launched a devastating cyberattack on a major American medical technology company with deep ties to our military, wiping hundreds of thousands of systems and threatening patient care across the globe.

Story Snapshot

Handala hacking group claims responsibility for crippling cyberattack on Stryker Corporation, wiping over 200,000 systems across 79 countries
Attack targeted medical device maker holding $450 million in Department of Defense contracts and Israeli business connections
Hackers claim retaliation for U.S. military operations in Iran, extracting 50 terabytes of sensitive data
Disruption threatens hospital operations and patient care worldwide, highlighting vulnerability of critical American infrastructure

Iranian Hackers Strike American Medical Giant

Stryker Corporation, a Kalamazoo, Michigan-based medical technology leader, confirmed a massive global network disruption on March 11, 2026, following a coordinated cyberattack.

The pro-Iran hacking group Handala claimed responsibility, stating that it had wiped over 200,000 systems, servers, and mobile devices across 79 countries.

Employees discovered hacker logos on login pages and received instructions to disconnect devices immediately. The attack began shortly after midnight Eastern Time, rapidly spreading through Stryker’s global Microsoft environment and forcing widespread operational shutdowns.

An Iran-linked hacking group has claimed responsibility for a cyberattack causing a global network disruption at US med-tech firm Stryker, though the incident is still under investigation.https://t.co/0e7TN1WwY8

— Vivek | ThreatIntel (@VivekIntel) March 11, 2026

Military Connections Made Stryker a Target

Stryker’s selection as a target stems directly from its extensive military and Israeli business relationships. The company holds a $450 million Department of Defense contract and supplies critical medical equipment to DoD facilities and Veterans Affairs hospitals nationwide.

Stryker also acquired Israeli medical firm OrthoSpace in 2019, establishing operational ties to Israel. These connections made the medical device manufacturer an attractive symbolic target for Handala, which emerged after Hamas’ October 7, 202,3 attack and maintains a website doxing alleged Israeli defense contractors and IDF workers.

Retaliation Claims Follow Military Strike

Handala justified the attack as retaliation for a February 28, 2026, U.S. military strike near Iran’s Minab girls’ school in Tehran that killed between 168 and 175 people, mostly children.

The hackers also cited ongoing cyber assaults on Iranian infrastructure as motivation. This represents a dangerous escalation where geopolitical military conflicts now directly target American healthcare infrastructure.

The Department of Homeland Security had warned of potential Iran-aligned cyber retaliation. Still, the speed and scope of this attack demonstrate how vulnerable critical sectors remain to foreign adversaries seeking to harm Americans at home.

Destructive Wiper Malware Causes Widespread Damage

Unlike typical ransomware attacks that seek financial extortion, Handala deployed wiper malware designed solely for destruction and disruption. Reports from employees on Reddit described completely wiped mobile phones and system lockouts, corroborating the hackers’ claims. The Wall Street Journal confirmed wiped systems and hacker logos appearing across Stryker’s network.

While Stryker officials stated they found no ransomware or malware and described the incident as “contained,” the visible disruptions and employee accounts suggest significant destructive effects.

The hackers claim to have extracted 50 terabytes of data, raising concerns about potential future leaks of sensitive medical and military-related information.

Security experts warn that this attack represents a significant escalation in targeting American medical technology firms with destructive cyberweapons.

Recorded Future analyst Alexander Leslie cautioned that the incident risks inspiring copycat attacks and influence operations against other critical infrastructure providers.

The attack exposes how Biden-era failures to secure our digital infrastructure and confront Iranian aggression have left American companies and patients vulnerable.

With Stryker’s systems offline across dozens of countries, hospitals relying on their surgical tools and medical implants face potential disruptions to patient care, demonstrating how foreign adversaries can weaponize cyber capabilities against our healthcare system.