WEEKLY UPDATE: 03/19/26
Medical device maker Stryker is continuing to respond to a recent cyber incident, with reports on Tuesday that Stryker has shared that it has contained a cyberattack that caused widespread disruptions and was now prioritizing restoring systems that directly support customers, ordering, and shipping.
“All Stryker products across our global portfolio, including connected, digital, and life-saving technologies, remain safe to use. This event was contained to Stryker’s internal Microsoft environment, and as a result it did not affect any of our products—connected or otherwise,” Stryker said in an online message to customers.
A cyberattack on March 11 had affected Stryker’s operations. An Iran-linked hacking group called Handala claimed responsibility for the attack the same day.
The company has reported that no patient care services or connected medical devices had been affected.
Healthcare stakeholders are monitoring potential downstream impacts, including possible supply disruptions and procedure delays, though these remain under assessment.
Amid broader geopolitical tensions involving Iran, federal agencies are urging heightened vigilance across critical infrastructure sectors. The Cybersecurity and Infrastructure Security Agency and Department of Homeland Security recommend monitoring for indicators of compromise, reviewing threat intelligence, and strengthening system defenses.
Healthcare organizations are encouraged to review federal guidance and implement safeguards where feasible to support continuity of care and protect critical systems.
Related Cyber Threat Intelligence Indicators of Compromise:
- Department of Homeland Security Internet Protocol Addresses Associated with Iranian Advanced Persistent Threat Cyber Actors
- Office of Intelligence and Analysis Low-Level Cyber Attacks Against US Targets Likely Following Israeli Strikes in Iran
- Cybersecurity and Infrastructure Security Agency (CISA) Urges Continued Vigilance Amid Conflict with Iran
- CISA Cyber Vulnerability Insights
