PORTAGE, Mich. (WWMT) — Stryker, one of the largest medical equipment manufacturers in the United States, confirmed Wednesday that a cyberattack disrupted its global computer networks, with a logo linked to an Iranian-backed hacking group appearing on company login screens for employees who were unable to work.
The Portage-based, global company has said in a statement on its website that it believes the incident is contained.
“We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems,” Stryker said in its statement.
The company confirmed the attack affected its Microsoft environment.
Emails from News Channel 3 seeking additional comment were not immediately answered.
Stryker makes products ranging from artificial joints to hospital beds and reported more than $25 billion in revenue in 2025.
The logo of Handala, a hacking group with reported ties to Iran, appeared on Stryker company login pages, according to The Wall Street Journal and Reuters.
Experts who spoke with News Channel 3 said the group is an Iranian-linked, pro-Palestinian hacker collective, and the attack appeared designed not to extort the company, but to erase critical data entirely.
Retired Brig. Gen. Michael McDaniel, a former deputy assistant secretary for homeland defense who worked in the Pentagon, said Stryker was an attractive target for multiple reasons.
“You would attack Stryker because, number one, it’s an American company, but it’s also a global company. So they’ve got a worldwide network where they can look to exploit vulnerabilities,” McDaniel said.
Stryker’s role as a global supplier of medical equipment to hospitals may have made it a strategically significant symbol, according to McDaniel, particularly given rising tensions in the Middle East.
McDaniel warned the Stryker attack may be just the beginning, predicting continued cyberattacks in the days ahead.
He identified healthcare, banking, agriculture, and energy production as the sectors most likely to face future targeting, and urged companies across the country to look over and strengthen their cyber defenses.
Alexander Leslie, a senior adviser at Recorded Future, a global threat intelligence company, told The Associated Press, the attack “is exactly the kind of pressure point that creates outsized strategic and political ripple effects.”
Stryker’s stock fell approximately 3.5% Wednesday following news of the attack.
An economist from the W.E. Upjohn Institute for Employment Research in Kalamazoo told News Channel 3 that, in the short term, the attack is likely to have a more severe impact on Stryker itself than on the broader U.S. economy.
However, the economist cautioned that picture could change, noting that any similar incidents would likely produce wider economic effects.
The company, which employs approximately 56,000 people worldwide, sent workers home Wednesday as the investigation continued.
Stryker said it has been able to restore some of its systems, but did not say when full operations would continue.
National Headline
