Medical device maker Stryker disclosed a global cyber incident that wiped employee devices and locked about 5,500 staff out of company systems across Ireland, the US, Australia and India, disrupting its Microsoft environment and prompting external cybersecurity teams to contain the threat. The company says no ransomware or malware was confirmed, while cybersecurity firms and the group Handala claimed responsibility and pointed to abuse of Microsoft Intune tooling and references to Hatef and Rhadamanthys, with researchers noting overlaps between Handala and Iran-linked APT34. #Stryker #Handala
Keypoints
- Stryker reported a global disruption after devices were wiped and employees were locked out of systems.
- About 5,500 employees across Ireland, the US, Australia and India were affected.
- The company confirmed disruption to its Microsoft environment and engaged external experts to contain the threat.
- Handala claimed responsibility and analysts say attackers likely abused Microsoft Intune features and referenced Hatef and Rhadamanthys.
- Researchers see overlaps between Handala and Iran-linked APT34; financial impacts and restoration timelines remain unclear.
Read More: https://therecord.media/stryker-tells-sec-unknown-timeline-recovery