Ransomware victim disclosure
← All victimsStryker Corporation
listed as Stryker Hit by Unprecedented 12-Petabyte Data Wipe · Claimed by Handala · listed 3 months ago
Status timeline
- Listed
Mar 16, 2026
- Data leaked
At a glance
- Group
- Handala
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Mar 16, 2026
About the victim
AI dossier — public-source company profileStryker Corporation is a leading global medical technology company headquartered in Kalamazoo, Michigan, USA. The company develops and manufactures a broad range of medical devices, surgical equipment, neurotechnology, and orthopedic implants. It operates in over 75 countries with approximately 43,000 employees worldwide.
- Industry
- Medical Devices & Equipment
- Employees
- 43000
- Founded
- 1941
Attack summary
Severity: high — The claim involves a major medical device manufacturer, alleged large-scale data destruction and/or exfiltration affecting a critical healthcare-sector company. However, the 12-petabyte wipe claim is extraordinary and unverified, and the leak post is truncated with no confirmed regulated PII or patient data explicitly evidenced, keeping this at high rather than critical pending corroboration.The Handala group claims to have penetrated Stryker's network and conducted a destructive data-wipe operation purportedly erasing 12 petabytes of data, with documentation of the operation released publicly; the post implies exfiltration and/or destruction of sensitive medical and corporate data.
Data the group says was taken
AI dossier — extracted from the leak post- Internal network documentation
- Medical device data
- Corporate operational records
- Potentially sensitive R&D or clinical data
What the group claims
Today, for the first time, we proudly release the documentation of a unique cyber operation, an operation that will etch the name Handala Hack into the minds of all players in the global cybersecurity arena. In a swift and calculated attack, we succeeded in penetrating the deepest layers of the network belonging to the medical…
Sources
Source
Indexed 3 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.