{"id":120179,"date":"2026-03-12T06:06:03","date_gmt":"2026-03-12T09:06:03","guid":{"rendered":"https:\/\/tech.einnews.com\/article\/898908243"},"modified":"2026-03-12T06:06:03","modified_gmt":"2026-03-12T09:06:03","slug":"iran-appears-to-have-hit-u-s-company-with-1st-major-cyberattack-of-war-an-iran-linked-hacker-group-has-claimed-responsibility-for-a-cyberattack-on-stryker-a-medical-tech-firm-headquartered-in-michig","status":"publish","type":"post","link":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/2026\/03\/12\/iran-appears-to-have-hit-u-s-company-with-1st-major-cyberattack-of-war-an-iran-linked-hacker-group-has-claimed-responsibility-for-a-cyberattack-on-stryker-a-medical-tech-firm-headquartered-in-michig\/","title":{"rendered":"Iran appears to have hit U.S. company with 1st major cyberattack of war An Iran-linked hacker group has claimed responsibility for a cyberattack on Stryker, a medical tech firm headquartered in Michigan . Read More\u00c2\u00a0\u00c2\u00bb"},"content":{"rendered":"

An Iran-linked hacker group has claimed responsibility for a cyberattack on a medical tech company in what appears to be the first significant instance of Iran\u2019s hacking an American company since the start of the war between the countries.<\/p>\n

The company, Stryker, which is headquartered in Michigan, produces a range of medical equipment and technology.<\/p>\n

Historically, Iran has conducted some of the most infamous \u201cwiper\u201d cyberattacks on national enemies, aiming to simply erase all data on computers\u2019 networks. Victims include Saudi Aramco<\/a>, Saudi Arabia\u2019s national oil company, in 2012, and the Sands Casino in 2014<\/a>.<\/p>\n

\n

Advertisement<\/p>\n

\n
\n

Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n

Since the war started, some established hacker groups sympathetic to Iranian leadership have claimed minor attacks, but most have been relegated to briefly altering the appearance of a website, and none have appeared to have had major impact. Some tech and cybersecurity companies, including Google, and the email cybersecurity company Proofpoint have told NBC News that they have largely seen Iran\u2019s hackers conducting espionage related to the war.<\/p>\n

But that appears to have changed Wednesday, with what appears to have been a different type of attack that also deleted information from devices. A Stryker employee, who requested to not be identified because they are not authorized to speak for the company, said that employee\u2019s work-issued phones stopped working, grinding work and communications with colleagues to a standstill.<\/p>\n

\n
\"Stryker<\/dialog><\/div>
\n
\n

Stryker, based in Michigan, produces a range of medical equipment and technology. (Smith Collection \/ Gado via Getty Images file)<\/p>\n

(Smith Collection)<\/span><\/div>\n<\/figcaption><\/figure>\n

Handala Team has claimed responsibility for the Stryker hack in statements on its Telegram and X accounts. The group routinely brags about its exploits on the social media platforms, which have in recent days taken down previous versions of their accounts.<\/p>\n

Specifics of how the hack was conducted are not clear. But public evidence of the hack points to the likelihood that hackers gained access to the company\u2019s Microsoft Intune account, which the employee confirmed Stryker uses. From there, Handala appears to have wiped some employees\u2019 devices back to factory settings, an expert said.<\/p>\n

\n

Advertisement<\/p>\n

\n
\n

Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n

\u201cThey seem to have obtained access to the Microsoft Intune management console. This is a solution for managing corporate devices,\u201d said Rafe Pilling, the director of threat intelligence at the cybersecurity company Sophos, which has tied Handala to Iran\u2019s Intelligence Ministry.<\/p>\n

\u201cOne of the features is the ability to remotely wipe a device if it\u2019s lost\/stolen etc. Looks like they triggered that for some or all of the enrolled devices,\u201d he said in a written exchange.<\/p>\n

Microsoft\u2019s website<\/a> describes the remote wipe feature as \u201ccommonly used when a device needs to be retired, repurposed, reset for troubleshooting, or securely erased if lost or stolen.\u201d<\/p>\n

In a statement on its website Wednesday, Stryker said that the disruption was due to a cyberattack but that its own systems were not directly hacked and that ransomware \u2014 a common type of cybercrime that can also significantly disrupt companies\u2019 networks \u2014 was not a factor.<\/p>\n

\n

Advertisement<\/p>\n

\n
\n

Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n

\u201cStryker is experiencing a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained,\u201d the statement said.<\/p>\n

The company did not respond to a request for further details. Microsoft did not respond to a request for comment.<\/p>\n

This article was originally published on NBCNews.com<\/a><\/p>\n

<\/a><\/strong> <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

… for a cyberattack on a medical tech<\/span> company in what appears … of medical equipment and technology<\/span>. Historically, Iran has conducted … had major impact. Some tech<\/span> and cybersecurity companies, including … of medical equipment and technology<\/span>. (Smith Collection …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-120179","post","type-post","status-publish","format-standard","hentry","category-news","wpcat-1-id"],"_links":{"self":[{"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/posts\/120179","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/comments?post=120179"}],"version-history":[{"count":0,"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/posts\/120179\/revisions"}],"wp:attachment":[{"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/media?parent=120179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/categories?post=120179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new7.shop\/zerocostfreehost\/index.php\/wp-json\/wp\/v2\/tags?post=120179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}