Iran-backed hackers claim wiper attack on medtech firm Stryker

https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/

68•2bluesc•1h ago

Comments

bingogo•52m ago

Medtech firms consistently underinvest in corporate network cybersecurity because almost all their security and compliance spending goes to device safety requirements, not IT hardening. This is exactly the kind of gap wiper attacks target.

FreakLegion•16m ago

This was more likely an Intune admin getting phished. Intune has a built-in wipe action: https://learn.microsoft.com/en-us/intune/intune-service/remo....

cobbzilla•28m ago

My only knowledge of this company is as a manufacturer of gurneys for ambulances.

I guess they have some sensitive data on our emergency services organizations and their headquarters addresses and accounts payable people, maybe PII on signatories (officers, board members & “important people”) and whatnot.

Anyone know if it would be worse?

serf•26m ago

>My only knowledge this company is as a manufacturer of gurneys for ambulances.

they have a tremendous catalog[0].

spend time in a hospital, dental office, rehab, etc and you'll see the logo plastered across everything.

[0]: https://www.stryker.com/us/en/portfolios/medical-surgical-eq...

cobbzilla•25m ago

yeah that is a lot of tech, but it’s all B2B- no consumer breach, right?

pastescreenshot•20m ago

Probably worse in the boring B2B way, not the consumer-breach way. Stryker is deep in hospital operations, so the immediate risk is supply chain and support disruption rather than leaked patient data. The Krebs post says one hospital system already could not order surgical supplies, and if the Intune remote wipe detail is true, recovering internal devices and admin workflows could take a while even without any medical devices themselves being compromised.

cobbzilla•4m ago

so maybe more hospitals shutdown from ransomware attacks coming?

marijan_div•22m ago

Stryker is far more than ambulance gurneys. They’re one of the largest med-tech suppliers, with equipment in operating rooms, ICUs, and surgical departments everywhere.

If a wiper actually hit internal systems, the bigger concern isn’t consumer data but disruption to manufacturing, logistics, and hospital support. That kind of outage could ripple through a lot of hospitals pretty quickly.

camillomiller•21m ago

Seems dire but hardly a supply chain disrupting attack. Stryker is a huge supplier but it not as if this will debilitate the medical supply chain completely. Seems like the hackers found a door they could kick open easily and then justified the action ex-post.

selcuka•17m ago

My understanding is that the aim was not to disrupt the supply chain but to harm the company itself.

duskdozer•6m ago

If they're a primary regional supplier, it could have a huge impact. It doesn't have to break the entire country to matter.

JonChesterfield•20m ago

So gain access to a machine that can ask microsoft intune to eviscerate the company, ask it to do so, done. Bit of a shame all the machines had that installed really. Reminds me of crowdstrike.

Banditoz•16m ago

Does InTune have some sort of check that goes "if over 1% of devices are wiped within a certain timeframe, stop all new device wipe requests"? Seems like it should be a feature, especially if these kinda attacks pick up.

bitwize•2m ago

The "Fucking for Virginity" approach to infosec strikes again!

Ultra-Fast CLI for QBittorrent – Qbtctl

Details That Make Interfaces Feel Better

Show HN: LockFS Is Now Stable

A Tale of Two Production Bugs (Part 2)

Court Keeps Wiretap and FCRA Claims Alive in Allstate/Arity SDK Tracking Lawsuit

Show HN: Cloud VMs with a Built-In REST API for AI Agents

Show HN: An Open-source platform for building and orchestrating AI agents

Changing My Mind on UBI

GitHub Having Issues

The Observer in the Swarm

Show HN: Restailor – open-source AI job fit/resume tailor/job tracker

Extensy – Lovable for Chrome Extensions

Which Model Uncensoring Method Works Best?

Timeline of the Human Condition

WordPress Everywhere

Show HN: Agentic Static Site Generator – waitlist: info[at]wise-relations.com

Shrimp fishing on horse back in Oostduinkerke

Apple at 50: Five Decades of Thinking Different [video]

Extra Timezones on You Mac Menubar

WireGuard Is Two Things

Anyone else having GitHub Actions fail?

White House AI Video Tweet

Ever Onward IBM [video]

Why are so many statues naked? An art historian explains its ancient roots

PhDs and other experts making $16/HR training AI to kill their own jobs

The Bold Environmental Vision of President Jimmy Carter

US intelligence says Iran government is not at risk of collapse

Why are some stars always visible while others come and go with the seasons

Hightitan, a lightweight framework for high-concurrency data streaming

Offline Computing