Iran-linked hackers have claimed responsibility for a cyberattack targeting Stryker, one of the world’s largest medical technology companies, after the firm confirmed a global network disruption affecting parts of its Microsoft environment. Stryker said the incident was the result of a cyberattack, adding that it currently has no indication of ransomware or malware and believes the event has been contained, though there is still no confirmed timeline for full restoration of affected systems.

The threat group Handala publicly took credit for the attack, with reports indicating the hackers framed the operation as retaliation tied to escalating geopolitical tensions involving Iran. According to multiple reports, the group’s branding allegedly appeared on internal login screens seen by employees and contractors during the disruption.

Stryker, headquartered in Michigan, is a major player in the healthcare and medical device sector, operating across dozens of countries and employing roughly 56,000 people worldwide. The scale of the company has raised concern among cybersecurity experts, who warn that attacks on large healthcare technology providers can create serious downstream operational risks even when there is no confirmed ransomware deployment.

The company said it is continuing to investigate the full scope and impact of the incident while working to restore affected services. The White House has also said it is monitoring cyber threats tied to the broader regional situation, as analysts warn that Iran-linked cyber activity may continue to intensify.

The incident highlights how major geopolitical conflicts increasingly spill into cyberspace, with critical industries such as healthcare and medical technology becoming part of the digital battleground. Even without confirmed data destruction or ransomware, the Stryker incident is already being viewed as one of the most significant politically linked cyber disruption events to hit a major U.S. healthcare-related company in recent months. This last point is an inference based on the company’s size, the global scope of the outage, and the political attribution being reported.