Thousands of Stryker employees remain unable to work more than a week after a cyberattack knocked the global medical device giant offline. The Iranian-linked hacking group Handala claimed responsibility, wiping critical data and halting operations across continents.

Widespread Disruption Across Cork and Beyond

Production has stalled at multiple Stryker facilities in Cork, Ireland, weeks after the attack hit. The company’s six sites there, employing over 4,000 people, have seen little progress restoring full operations. Employees described the impact as "massive," with many still unable to access necessary software or systems to resume their tasks.

At the same time, workers have been receiving wiped laptops with freshly reinstalled Microsoft software. This precaution aimed to eliminate any lingering malicious code embedded by the hackers. But despite these efforts, full system recovery remains slow, leaving thousands in limbo.

One employee said the downtime has led to unexpected workplace connections. "We’re talking to people we hadn’t before," they noted. "That’s been a small positive despite everything."

What Happened: A Wiper Attack

The attack was a "wiper" type, designed to erase data irretrievably rather than demand ransom. Handala, a hacktivist group linked to Iran, claimed responsibility. They said the strike was retaliation for U.S. And Israeli military actions in Iran that caused civilian casualties.

Wiper malware is particularly destructive because it destroys critical files and system data, making recovery painstaking and uncertain. Cybersecurity experts warn that such attacks are especially dangerous during geopolitical tensions — when hackers exploit heightened fear and distraction.

According to analysts, initial infection often comes from phishing emails, malicious downloads, or compromised websites. Once inside, the wiper malware spreads rapidly, deleting crucial data.

Global Impact and Industry Concerns

Stryker, based in Portage, Michigan, is a Fortune 500 company with roughly 56,000 employees worldwide. It reported over $25 billion in revenue in 2025. Its products, ranging from artificial joints to hospital beds, are vital in healthcare.

The outage affected employees across many countries, cutting off email, internal tools, and connected devices. Ireland’s National Cyber Security Centre has been notified and is assisting in the response.

Despite the disruption, Stryker insists there's no evidence of ransomware or malware beyond the wiper attack. The company says the incident is contained and that business continuity plans remain active to support customers and partners.

Economic and Security Ramifications

The stock market reacted swiftly, with Stryker shares dropping about 3.5% following news of the attack. Experts note the attack’s immediate economic hit is mostly on Stryker itself. But if similar strikes spread, the ripple effect could hit the broader U.S. Economy, particularly in healthcare and critical infrastructure sectors.

Retired Brig. Gen. Michael McDaniel emphasized that Stryker’s global footprint made it an attractive target. "They have a worldwide network with potential vulnerabilities," he said. The company’s role as a major medical equipment supplier adds strategic weight amid rising Middle East tensions.

Cybersecurity firms report a surge in activity from Iranian-linked groups recently. Hackers are scanning networks for weaknesses and exploiting social media’s toxic environment to lure victims to infected websites. AI tools accelerate the creation of fake news sites that spread malware.

Experts warn more attacks are likely in coming weeks, urging companies to bolster defenses, especially in healthcare, banking, agriculture, and energy.

As Stryker wrestles with system recovery, the attack exposes vulnerabilities that could threaten critical medical supply chains worldwide. How companies prepare and respond to such sophisticated cyber warfare may shape the resilience of essential services in a tense geopolitical climate.