Overview
- Stryker says its medical devices and connected products remain safe to use and unaffected by the incident.
- Core transactional platforms are being brought back online, with manual ordering through sales representatives and distributors still in place.
- A source reports the attacker abused Microsoft Intune wipe commands after gaining admin access, erasing nearly 80,000 devices without deploying malware.
- The Handala group claims it wiped 12 petabytes and targeted 200,000 systems, assertions that have not been independently verified.
- Microsoft’s DART and Palo Alto Networks’ Unit 42 are leading the investigation, while hospitals review third‑party risk and some temporarily adjusted connectivity to Stryker-managed services.