{"id":224506,"date":"2026-03-16T15:17:00","date_gmt":"2026-03-16T19:17:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/16\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/"},"modified":"2026-03-17T06:30:12","modified_gmt":"2026-03-17T10:30:12","slug":"stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/16\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/","title":{"rendered":"Stryker attack wiped tens of thousands of devices, no malware needed"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/\">Stryker attack wiped tens of thousands of devices, no malware needed<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-16 15:17:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>Last week&#8217;s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.<\/p>\n<p>The organization says in an update on Sunday that all its medical devices are safe to use\u00a0but electronic ordering systems remain offline, and customers must place orders manually through sales representatives.<\/p>\n<p>Stryker emphasizes that the incident was not a ransomware attack and that the threat actor did not deploy any malware on its systems.<\/p>\n<p>Last week, Stryker was the target of a cyberattack claimed by the Handala hacktivist group, believed to be linked to Iran.<\/p>\n<p>The attacker alleged that they wiped \u201cover 200,000 systems, servers, and mobile devices\u201d and stole 50 terabytes of data. However, investigators did not find any indication that data was exfiltrated.<\/p>\n<p>Following the disruption, Stryker employees in multiple countries started to complain that their managed devices had been remotely wiped overnight.<\/p>\n<p>Some employees had their personal devices enrolled in the company network and lost personal data during the wiping process.<\/p>\n<h3>Hackers had Global Admin privileges<\/h3>\n<p>A source familiar with the attack told BleepingComputer that the threat actor used the wipe\u00a0command in Intune, Microsoft\u2019s cloud-based endpoint management service, to erase data from nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on March 11.<\/p>\n<p>The attacker carried out the action after compromising an administrator account and creating a new Global Administrator account.<\/p>\n<p>The investigation is being conducted by the Microsoft Detection and Response Team (DART) in collaboration with cybersecurity experts from Palo Alto Unit 42.<\/p>\n<p>Stryker\u2019s update highlights that the attack did not impact any of its products, connected or otherwise, and was limited exclusively to the internal Microsoft corporate environment.<\/p>\n<p>\u201cAll Stryker products across our global portfolio, including connected, digital, and life-saving&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Stryker attack wiped tens of thousands of devices, no malware needed https:\/\/www.bleepingcomputer.com\/news\/security\/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed\/ Publish Date: 2026-03-16&#8230;<\/p>\n","protected":false},"author":1,"featured_media":224507,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/03\/16\/Stryker01.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,32,34],"class_list":["post-224506","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-malware","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/224506"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=224506"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/224506\/revisions"}],"predecessor-version":[{"id":224508,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/224506\/revisions\/224508"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/224507"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=224506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=224506"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=224506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}