Overview
- Stryker confirmed a global disruption to its Microsoft environment, reported no evidence of ransomware or malware, and said the incident is contained.
- Employees worldwide were locked out of systems, told to disconnect corporate devices, and some offices, including hubs in Michigan and Ireland, closed after reports of device wipes.
- Handala publicly asserted it wiped more than 200,000 systems and stole about 50 terabytes of data, but those figures have not been independently verified.
- Cybersecurity experts say the attackers likely leveraged access to Microsoft Intune or similar management tooling to issue legitimate remote-wipe commands.
- Law enforcement and security agencies are investigating; the American Hospital Association said it has not seen direct impacts on U.S. hospitals, and Stryker shares fell several percent on the news.