Stryker hit by cyberattack
Incident
Summary
Hide ▲
Show ▼
Stryker confirmed a cyberattack that caused global disruption to its Microsoft environment, interrupting access to business systems and applications. The company said the incident is contained, but restoration is still in progress and a full recovery timeline is unknown. The disruption matters because Stryker operates across a large global footprint in 79 countries.
Related Happenings
Stryker hit by network compromise
Incident
First: 11.03.2026 18:20
Last: 11.03.2026 18:20
Sources 1
About this happening:
Stryker suffered a destructive network compromise attributed to Handala/Handala Hack Team, with reporting describing data deletion and widespread device wiping. Early coverage fra...
Stryker hit by network compromise
IncidentAbout this happening: Stryker suffered a destructive network compromise attributed to Handala/Handala Hack Team, with reporting describing data deletion and widespread device wiping. Early coverage fra...
Latest development: 28.03.2026 17:40
Handala Hack is tied to a destructive compromise of Stryker in which company data was deleted and thousands of employee devices were wiped. Stryker later said the incident was contained after it regained access, removed the unauthorized party from its environment, and noted that the breach was confined to its internal Microsoft environment.
MuddyWater U.S. network intrusion campaign targeting banks, airports, and a software company arm
Campaign
First: 06.03.2026 12:23
Last: 06.03.2026 12:23
Sources 1
About this happening:
**MuddyWater (Seedworm)** is running a **state-linked intrusion campaign** that has embedded itself in **U.S. banks, airports, a non-profit, and an Israeli software company arm**,...
MuddyWater U.S. network intrusion campaign targeting banks, airports, and a software company arm
CampaignAbout this happening: **MuddyWater (Seedworm)** is running a **state-linked intrusion campaign** that has embedded itself in **U.S. banks, airports, a non-profit, and an Israeli software company arm**,...
Rising zero-day exploitation across end-user and enterprise products in 2025
Target Trend
First: 05.03.2026 17:03
Last: 05.03.2026 17:03
Sources 1
About this happening:
**Zero-day exploitation** stayed elevated in **2025**, with **90 actively exploited flaws** spread across **end-user platforms** and **enterprise products**. That matters because...
Rising zero-day exploitation across end-user and enterprise products in 2025
Target TrendAbout this happening: **Zero-day exploitation** stayed elevated in **2025**, with **90 actively exploited flaws** spread across **end-user platforms** and **enterprise products**. That matters because...
LexisNexis Legal & Professional hit by network compromise
Incident
First: 03.03.2026 17:40
Last: 03.03.2026 17:40
Sources 1
About this happening:
**LexisNexis Legal & Professional** confirmed a **server breach** after an **unauthorized party accessed a limited number of servers**, creating risk that internal customer and bu...
LexisNexis Legal & Professional hit by network compromise
IncidentAbout this happening: **LexisNexis Legal & Professional** confirmed a **server breach** after an **unauthorized party accessed a limited number of servers**, creating risk that internal customer and bu...
APT28 wellnesscaremed[.]com multistage LNK campaign
Campaign
First: 02.03.2026 12:36
Last: 02.03.2026 12:36
Sources 1
About this happening:
An **APT28**-linked **LNK/HTML delivery chain** is being used for **multistage payloads**, indicating an ongoing phishing-style operation that can broaden exploitation paths. The...
APT28 wellnesscaremed[.]com multistage LNK campaign
CampaignAbout this happening: An **APT28**-linked **LNK/HTML delivery chain** is being used for **multistage payloads**, indicating an ongoing phishing-style operation that can broaden exploitation paths. The...
Timeline
-
12.03.2026 11:30 2 articles · 2mo ago
Stryker confirms global Microsoft environment disruption
Initial DisclosureStryker said in an SEC 8-K that a cyber incident caused global disruption to the company's Microsoft environment and created disruptions and limitations of access to information systems and business applications supporting operations and corporate functions, while saying there is no indication of ransomware or malware and that the incident appears contained. Handala claimed it wiped over 200,000 systems, servers, and mobile devices, exfiltrated 50TB of data, and forced Stryker offices in 79 countries to shut down; analysts also flagged possible use of Microsoft Intune to carry out destructive activity at scale.
Show sources
- Iran Claim Massive Cyber-Attack on MedTech Firm Stryker — www.infosecurity-magazine.com — 12.03.2026 11:30
- Iran Claim Massive Cyber-Attack on MedTech Firm Stryker — www.infosecurity-magazine.com — 12.03.2026 11:30