A hacking group with ties to Iran has openly taken credit for a significant cyberattack on a US-based medical company this Wednesday. This incident marks a notable cyber assault coinciding with the recent tensions between the two countries.
The target of the cyberattack was Stryker, a medical equipment firm headquartered in Michigan. The company reported that the breach led to a “global network disruption” affecting their Microsoft applications, as stated in their official release.
“We have found no evidence of ransomware or malware involvement and believe the situation is under control. Our teams are diligently assessing the impact on our systems,” Stryker announced.
During the attack, the Wall Street Journal reported that the logo of the Iran-affiliated hacking group, known as Handala, appeared on the company’s login portals.
Handala Team later confirmed their involvement in the cyberattack through statements released on social media platforms X and Telegram.
The group claimed to have acquired 50 terabytes of “critical data” from Stryker, declaring that “all the data is in the hands of the free people.” This action was allegedly in retaliation for the death of at least 175 schoolgirls in Minab, which they attributed to US-Israel military strikes on Iran.
The “hacktivist” group emerged in 2022 and has been linked to Iran by several threat intelligence companies, the Journal reported. The group had claimed responsibility for additional recent cyberattacks on Israeli companies and in the Gulf.
A Stryker employee told NBC News that the disruption stopped work-issued phones from functioning and effectively halted operations at the 56,000-employee company.
The attack also appeared to have wiped information from some employees’ devices, the outlet said.
In a message sent to employees and obtained by the Journal, Stryker advised workers to avoid clicking on suspicious links and urged them to remove mobile device management apps and work profiles from their cellphones.
“The issue is widespread and significantly affecting users’ ability to access systems and services,” the notice said, according to the outlet.
It is not immediately clear how the cyberattack was conducted or whether Handala’s claims that it had acquired data are accurate.
Neither Stryker nor Microsoft immediately responded to The Post’s request for comment on further details.
