Healthcare Innovation spoke with a booth representative of Stryker at the annual HIMSS Global Health Conference & Exhibition in Las Vegas, who shared that internal systems were affected, but customer-facing solutions were not.

The hacktivist group Handala claimed responsibility for the breach in a message posted on an X account purportedly affiliated with the group. In the post, the group stated that the attack was “a clear warning to all Zionist leaders and their lobbies.”

“Claims like wiping 200,000 devices and extracting tens of terabytes of data should be treated cautiously until independently verified,” Ensar Seker, CISO at SOCRadar, said in a statement. “Hacktivist groups often exaggerate operational impact for psychological effect. However, even if the scale is smaller than claimed, a wiper-style attack against a global medical technology company is serious because it targets operational continuity rather than just data theft. In the healthcare ecosystem, outages affecting device manufacturers or support systems can ripple across hospitals, supply chains, and patient care environments.”

Furthermore, Seker noted, “What makes this incident notable is the alleged use of enterprise management infrastructure to execute a destructive campaign. If attackers gained access to tools such as mobile device or endpoint management platforms, they could push destructive commands at scale across thousands of systems almost instantly. That shifts the attack from traditional ransomware or espionage into a coordinated operational disruption, which is consistent with the tactics we increasingly see in geopolitically motivated hacktivism tied to regional conflicts.”

U.S. Intelligence officials have issued warnings about potential retaliation from hackers linked to Tehran in response to the U.S. and Israeli bombings of Iran that began last month, CNN’s Josh Campbell wrote earlier this week.