Just over a week ago, on 11 March 2026, a cyberattack brought one of the world’s largest medical device makers to its knees. Stryker – a $25 billion company that manufactures surgical robots, joint implants and emergency equipment – woke up to find thousands of employee devices wiped clean, its ordering systems offline, and surgeries being rescheduled around the world.
This was not ransomware. This was something more deliberate and destructive – a wiper attack carried out by a state sponsored-linked hacking group called Handala, who exploited a trusted Microsoft device management tool to erase data from up to 80,000 employee phones and laptops in one move.
In this episode, we break down exactly what happened, how it happened, and what it means for every organisation that relies on cloud-based device management tools. We also look at the governance lessons – from business continuity planning to privileged access controls – that this attack makes impossible to ignore.
– https://csrc.nist.gov: NIST SP 800-34 Rev. 1
– https://www.cybersecuritydive.com: Stryker attack raises concerns about role of Microsoft Intune
