{"id":3488537,"date":"2026-03-19T15:08:31","date_gmt":"2026-03-19T15:08:31","guid":{"rendered":"https:\/\/techingeek.com\/index.php\/2026\/03\/19\/cisa-calls-on-businesses-to-safeguard-microsoft-intune-systems-following-a-mass-wipe-of-stryker-devices-by-hackers\/"},"modified":"2026-03-19T15:08:31","modified_gmt":"2026-03-19T15:08:31","slug":"cisa-calls-on-businesses-to-safeguard-microsoft-intune-systems-following-a-mass-wipe-of-stryker-devices-by-hackers","status":"publish","type":"post","link":"https:\/\/techingeek.com\/index.php\/2026\/03\/19\/cisa-calls-on-businesses-to-safeguard-microsoft-intune-systems-following-a-mass-wipe-of-stryker-devices-by-hackers\/","title":{"rendered":"CISA calls on businesses to safeguard Microsoft Intune systems following a mass wipe of Stryker devices by hackers."},"content":{"rendered":"
<\/div>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted organizations to bolster the security of their employee device management systems following a breach by pro-Iran hackers at medical technology leader Stryker, which resulted in the mass deletion of thousands of its phones, tablets, and computers.<\/p>\n

On Thursday, the agency recommended that businesses take proactive measures and confirmed its knowledge of hackers exploiting their access to Stryker’s Windows-based infrastructure to manipulate its device management systems, leading to persistent disruptions in the company\u2019s global operations.<\/p>\n

Among its recommendations, CISA advised network administrators to ensure that specific user accounts with access to systems like Microsoft Intune\u2014which Stryker utilizes to remotely control its employees\u2019 devices\u2014can execute sensitive or high-impact actions (such as erasing devices) only with the approval of a second administrator.<\/p>\n

Stryker, which manufactures medical devices and equipment for hospitals, acknowledged on March 11 that it had suffered a cyberattack, noting it was facing \u201cglobal disruption\u201d to its network.\u00a0<\/p>\n

The company reported that the hackers did not deploy malware or ransomware, but sources indicate that they exploited their access to Stryker\u2019s internal systems to get into its Intune dashboards and remotely erase data on tens of thousands of employee devices, including personal phones and computers linked to Stryker\u2019s network.<\/p>\n

Stryker has indicated that it contained the cyber incident and is working on restoring its systems. While the company’s medical devices continue to function, Stryker stated that its supply chain, ordering, and shipping systems remain offline.\u00a0<\/p>\n

Stryker has not announced a timeline for its recovery efforts. The company did not reply to TechCrunch\u2019s inquiry for comments.<\/p>\n

A faction of pro-Iran hacktivists called Handala claimed responsibility for the cyber breach on Stryker last week, stating they targeted the company in response to the U.S. strike that killed numerous children at a school in Iran. The hackers asserted that they had exfiltrated large volumes of data from the company\u2019s network, although they did not provide immediate proof of this allegation.<\/p>\n

According to TechCrunch, the FBI confiscated the Handala group\u2019s website on Wednesday.<\/p>\n","protected":false},"excerpt":{"rendered":"

<\/div>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted organizations to bolster the security of their employee device management systems following a breach by pro-Iran hackers at medical technology leader Stryker, which resulted in the mass deletion of thousands of its phones, tablets, and computers.<\/p>\n

On Thursday, the agency recommended that businesses take proactive measures and confirmed its knowledge of hackers exploiting their access to Stryker’s Windows-based infrastructure to manipulate its device management systems, leading to persistent disruptions in the company\u2019s global operations.<\/p>\n

Among its recommendations, CISA advised network administrators to ensure that specific user accounts with access to systems like Microsoft Intune\u2014which Stryker utilizes to remotely control its employees\u2019 devices\u2014can execute sensitive or high-impact actions (such as erasing devices) only with the approval of a second administrator.<\/p>\n

Stryker, which manufactures medical devices and equipment for hospitals, acknowledged on March 11 that it had suffered a cyberattack, noting it was facing \u201cglobal disruption\u201d to its network.\u00a0<\/p>\n

The company reported that the hackers did not deploy malware or ransomware, but sources indicate that they exploited their access to Stryker\u2019s internal systems to get into its Intune dashboards and remotely erase data on tens of thousands of employee devices, including personal phones and computers linked to Stryker\u2019s network.<\/p>\n

Stryker has indicated that it contained the cyber incident and is working on restoring its systems. While the company’s medical devices continue to function, Stryker stated that its supply chain, ordering, and shipping systems remain offline.\u00a0<\/p>\n

Stryker has not announced a timeline for its recovery efforts. The company did not reply to TechCrunch\u2019s inquiry for comments.<\/p>\n

A faction of pro-Iran hacktivists called Handala claimed responsibility for the cyber breach on Stryker last week, stating they targeted the company in response to the U.S. strike that killed numerous children at a school in Iran. The hackers asserted that they had exfiltrated large volumes of data from the company\u2019s network, although they did not provide immediate proof of this allegation.<\/p>\n

According to TechCrunch, the FBI confiscated the Handala group\u2019s website on Wednesday.<\/p>\n","protected":false},"author":2,"featured_media":3488538,"comment_status":"open","ping_status":"closed","sticky":false,"template":"Default","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3488537","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3488537"}],"collection":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/comments?post=3488537"}],"version-history":[{"count":0,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3488537\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/media\/3488538"}],"wp:attachment":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/media?parent=3488537"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/categories?post=3488537"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/tags?post=3488537"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}