Medical Technology Giant Confronts Legal Challenges Following Security Breach

PORTAGE, Mich. — Stryker Corporation, the Portage-based medical technology giant, is confronting multiple lawsuits following a major cyberattack that disrupted its global operations in early March and potentially exposed sensitive employee information.

At least four lawsuits have been filed against the company, with the most recent filed Thursday. The legal actions allege Stryker failed to adequately protect personal information, including Social Security numbers and other identifiable data.

The Attack and Its Impact

The cyberattack began on March 11, 2026, and caused widespread disruption across Stryker's internal Microsoft systems. The incident impacted operations globally, halting processes from order entry to shipment worldwide.

A group calling itself "Handala Hack" claimed responsibility online for the attack and stated it stole large amounts of data. Federal officials have since linked this group to Iran's Ministry of Intelligence and Security.

"The attack was really in and out," said cybersecurity investigator Dr. David Utzke. "Get in, do as much damage as you can, and get out."

The company said the attack involved a malicious file that allowed threat actors to run commands and hide their activity inside Stryker's systems. Stryker emphasized the file was not capable of spreading beyond its internal environment.

Lawsuit Details

One of the lawsuits comes from a current employee who alleges the company failed to properly protect sensitive personal information. The complaint claims data such as Social Security numbers and financial institution information may have been exposed and could already be circulating among cybercriminals.

The employee reports seeing an increase in spam and scam attempts following the breach.

Expert Assessment

Rich Miller, CEO of Stack Cybersecurity in Livonia, says the breach appears severe and the risks to employee information are significant.

"It is very serious. In fact, there was just a class action lawsuit filed against Stryker," Miller said. "There were four leak sites seized by the FBI today, and you don't have leak sites if you didn't gain any information."

Miller explained that personal and health information, including Social Security numbers and other identifiable information, could easily be exploited. He noted that Social Security numbers alone can be purchased on the dark web for as little as $5 to $10 each.

Company Response

Nearly two weeks after the incident, Stryker says it has regained access to its systems and removed the hackers from its network. The company states teams have been working around the clock alongside federal agencies and outside cybersecurity experts to restore systems tied to ordering, shipping and manufacturing.

Stryker said it has not found evidence that the attack spread beyond its internal environment or impacted customers, suppliers or medical devices.

The company emphasized the malicious file was not capable of spreading beyond its internal environment.

Legal Challenges

Despite the concerns raised in the lawsuits, legal experts say the cases may face significant hurdles. Under Michigan law, employees are typically limited to workers' compensation claims for workplace-related issues, which can shield employers from additional lawsuits unless there is evidence of intentional harm or fraud.

Law professor Mark Dotson said those exceptions do not appear to apply in this case, making it unlikely the lawsuits will succeed.

Part of Broader Pattern

The attack on Stryker is part of a broader pattern of cyber activity. Dr. Utzke said more than 100 cyberattacks have been reported globally in recent weeks across industries ranging from healthcare to banking, many tied to groups operating out of or aligned with Iran.

Before federal authorities took down Handala Hack's website, the group published a statement taking credit for the attack. Based on a cached version of the site, the group stated it had wiped over 200,000 systems, servers, and mobile devices and extracted 50 terabytes of critical data.

Moving Forward

Stryker's CEO Spencer Stiles now faces the challenge of clearing a delivery backlog without compromising long-term growth objectives. The company has demonstrated strong fundamentals, with 2025 fiscal year revenue surpassing the $25 billion mark and fourth-quarter 2025 earnings per share of $4.47 exceeding analyst expectations.

Investors will receive detailed information on the total financial impact of the cyber incident at the upcoming annual general meeting.

Sources

• WWMT News: Several sue Stryker after cyberattack, alleging company failed to protect sensitive data - https://wwmt.com/news/local/stryker-cyberattack-lawsuits-several-allege-failure-protect-sensitive-data-portage-social-security-information-kalamazoo-county-west-michigan
• WZZM 13: Employee lawsuits filed as Stryker says cyberattack is contained - https://www.wzzm13.com/article/news/local/employee-lawsuits-filed-as-stryker-says-cyberattack-is-contained/69-662abb3a-ce9e-457c-8867-ee3a0e5c10b2