Stryker’s Intune wipe hits 80,000 devices; no malware used

TL;DR Summary
Last week’s cyberattack on Stryker, linked to the Handala hacktivist group, targeted the company’s internal Microsoft environment. After an admin account was compromised, the attackers used the Intune wipe command to remotely erase data on about 80,000 devices. The attackers claimed to have wiped 200,000 devices and stolen 50 TB, but investigators found no data exfiltration, and no malware was deployed. Medical devices remain safe. Electronic ordering systems are offline, and orders must be placed via sales reps as restoration proceeds. Microsoft’s DART and Unit 42 are leading the investigation, with full operations and shipping expected to resume as systems recover.
- Stryker attack wiped tens of thousands of devices, no malware needed (BleepingComputer)
- Iran appears to have conducted a significant cyberattack against a U.S. company, a first since the war started (NBC News)
- How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks (WIRED)
- Why Stryker's Outage Is a Disaster Recovery Wake-Up Call (Dark Reading)
- Stryker attack raises concerns about role of device management tool (Cybersecurity Dive)