Iranian hackers are suspected of breaching Stryker Corporation, a $20 billion Michigan-based medical device manufacturer, in what security analysts are calling the first major Iranian cyberoffensive against a U.S. company since military tensions between the two nations escalated. The attack hit Stryker’s systems on Wednesday. As of Thursday morning, the breach was still active, with the company unable to provide a timeline for full restoration.
Stryker disclosed the incident in an emergency 8-K filing with the Securities and Exchange Commission. The company acknowledged the full scope of operational and financial damage remains unknown.
The attackers targeted Stryker’s Microsoft infrastructure, deleting critical device data and disabling company phones across global operations. An employee described chaotic conditions as phones went dark and data vanished from devices throughout the organization.
The communications blackout brought the company’s day-to-day operations to a halt as workers lost access to collaboration tools and internal systems.
Stryker manufactures surgical equipment, orthopedic implants, and medical devices used in hospitals worldwide. It employs tens of thousands of workers at facilities across the globe, including its headquarters in Kalamazoo, Michigan.
The attack’s method sets it apart from typical cybercrime. Rather than deploying ransomware or stealing data for financial gain, the attackers actively deleted information from Stryker’s network. Security analysts said that pattern is consistent with state-sponsored operations aimed at maximizing operational damage and sending a geopolitical message.
Stryker identified its Microsoft environment as the specific attack vector in its SEC filing. Microsoft has not publicly commented on the breach. The targeting of widely used enterprise software raises broader concerns about vulnerabilities that thousands of companies across critical industries depend on daily.
“We have no indication of ransomware or malware and believe the incident is contained,” Stryker wrote, as per Fox Business. “Our teams are working rapidly to understand the impact of the attack on our systems.”
The attack comes as the U.S. military continues Operation Epic Fury against Iranian nuclear and military infrastructure. Iran has responded with strikes on oil tankers in the Gulf and has explicitly threatened attacks on American soil.
An FBI warning issued earlier this week flagged the possibility of Iranian drone strikes inside the United States.
