WASHINGTON, United States — An Iran-linked hacking group claimed responsibility Wednesday for a cyberattack on US medical technology giant Stryker, saying it had extracted 50 terabytes of data in retaliation for military strikes on Iran.
“Our major cyber operation has been executed with complete success,” Handala said in a statement.
It described the hack as retribution for what it called “the brutal attack on the Minab school” in Iran, where authorities said 150 people were killed, and for “ongoing cyber assaults against the infrastructure of the Axis of Resistance,” referring to a loose alliance of armed groups backed by Tehran.
Handala said all extracted data was “now in the hands of the free people of the world.”
It issued a warning to what it described as “Zionist leaders and their lobbies,” adding: “This is only the beginning of a new chapter in cyber warfare.”
Stryker said in a statement that it was “experiencing a global network disruption to our Microsoft environment as a result of a cyberattack. We have no indication of ransomware or malware and believe the incident is contained.”
Handala, named after a figure symbolic of the Palestinian people, has claimed a series of attacks on Israeli and Gulf-region companies in recent weeks.
Since the beginning of the Iran war, it has repeatedly claimed responsibility for attacks against Israeli infrastructure, notably asserting that it has “full access” to Jerusalem’s security cameras.
“They are the most notorious group affiliated with the Iranian regime,” Gil Messing, head of cyber intelligence at Israel-based Check Point, said of Handala. “We have been tracking them for years.”
Last month, Handala said it had infiltrated the files of Israel’s largest healthcare network, Clalit, and released details of 10,000 patients.
A Google Threat Intelligence report published earlier this year said malicious activity by the group “has primarily consisted of hack-and-leak operations, but has increasingly incorporated doxxing and tactics designed to promote fear, uncertainty and doubt.”
Founded in Kalamazoo, Michigan, Stryker is a global medical device giant with some 56,000 employees and $25 billion in 2025 revenues, making everything from orthopedic implants and surgical instruments to hospital beds and robotic surgery systems.
The outages began shortly after 0400 GMT on Wednesday, The Wall Street Journal reported, citing people familiar with the matter.
Windows devices — including laptops and mobile phones connected to Stryker’s networks — were remotely wiped, the report said.
The Handala group later posted that it had also carried out an attack on Verifone, which specializes in electronic and point-of-sale payments.
AFP could not independently verify Handala’s claims, and Verifone did not immediately respond to a request for comment.
Times of Israel staff contributed to this report.
