Stryker experienced a global IT outage after a destructive wiper attack attributed to the Iranian‑linked group Handala on March 11 2026. The attack wiped remote Microsoft Windows devices and extracted 50 TB of data, affecting 56,000 employees in 79 countries. Stryker confirmed no ransomware or malware was involved and that the incident was contained, but restoration is ongoing.
The disruption halted order processing, manufacturing, and shipping across the company’s network, forcing Stryker to suspend production lines and delay deliveries to hospitals worldwide. Management said, "We have no indication of ransomware or malware and believe the incident is contained," and added that "our teams are working rapidly to understand the impact of the attack on our systems."
Stryker’s 2025 financial performance set a high bar: full‑year net sales of $25.1 billion and adjusted EPS of $13.63. In Q4 2025, the company posted net sales of $7.2 billion and adjusted EPS of $4.47, beating analyst estimates of $4.39 by $0.08. The company’s adjusted operating margin expanded to 30.2 % in Q4, up 100 basis points from the prior quarter, reflecting strong pricing power and efficient cost management.
The cyberattack threatens to derail Stryker’s 2026 growth trajectory. The company had guided for organic revenue growth of 8.0 %–9.5 % and adjusted EPS of $14.90–$15.10 for the year. Management noted that the incident could jeopardize the guidance if operations do not normalize quickly, adding that "the incident has caused, and is expected to continue to cause, disruptions and limitations of access to certain of the Company's information systems and business applications supporting aspects of the Company's operations and corporate functions."
Investors and analysts have reacted with concern, citing the severity of the operational disruption, the uncertainty of the recovery timeline, and the geopolitical context of an Iran‑linked attack. The incident underscores the vulnerability of critical medical‑device supply chains and highlights the need for robust cyber‑security measures across the industry.
The content on EveryTicker is for informational purposes only and should not be construed as financial or investment advice. We are not financial advisors. Consult with a qualified professional before making any investment decisions. Any actions you take based on information from this site are solely at your own risk.