Log In Get Started
Stock Markets March 11, 2026

Stryker Shares Drop After Report of Iran-Linked Cyber Intrusion Disrupts Systems

Global outages and wiped Windows devices prompt emergency employee directives as medical device maker’s stock falls

By Leila Farooq SYK
Stryker Shares Drop After Report of Iran-Linked Cyber Intrusion Disrupts Systems
SYK

Stryker Corporation saw its shares decline after a report that an Iran-linked hacking group breached the company’s systems, triggering a global outage. Employees were told to avoid powering on company devices and to disconnect from networks as investigators and staff assess the scope of the disruption.

Key Points

  • Stryker shares dropped 3.4% after a Wall Street Journal report that the company experienced a cyberattack linked to Iran.
  • The outage is reported to be global, with employees and contractors seeing a hacking group's logo on login pages and remote Windows devices allegedly wiped.
  • Stryker advised staff not to power on company devices, to disconnect from networks, and to remove mobile device management apps and work profiles from cellphones immediately.

Stryker Corporation suffered a market hit after reports that an Iran-linked cyber intrusion caused widespread outages across the medical technology company's systems. Shares fell 3.4% on Wednesday following the account of the incident in the Wall Street Journal.

According to the report, the interruption is global in scope, with staff and outside contractors observing that the login pages displayed the logo of a hacking group linked to Iran. The outages began shortly after midnight on the U.S. East Coast, the report said.

People familiar with the situation told the Wall Street Journal that remote devices running Microsoft Windows - including cellphones, laptops and other hardware configured to connect to Stryker's internal systems - showed signs of having been wiped. Those individuals were cited as the source for the information about wiped devices.

Internal communications reviewed by WSJ Pro Cybersecurity indicate the company instructed employees not to power on any company-issued devices and to immediately disconnect from all networks. The message also cautioned staff against clicking on suspicious links and recommended that mobile device management applications and work profiles be removed from cellphones without delay.

Stryker is one of the world's largest medical technology companies, manufacturing devices and equipment used in hospitals and surgical suites, with a particular focus on orthopedics and neurosurgery. The report did not provide additional operational details about whether surgical procedures or hospital services have been affected beyond the system outages reported.

Context and follow-up

The account of the incident centers on an apparent cyberattack attributed to a group linked to Iran and on reported system-wide disruptions within Stryker. The company’s advisory to employees underlines the immediate operational precautions being taken as staff and contractors attempt to limit further exposure.

At this time, public reporting describes the outage, the presence of a foreign-affiliated hacking group's logo on login pages, and the alleged wiping of Windows devices used to access Stryker systems. No additional claims about the broader impact or remediation timeline were provided in the cited report.

Bottom line

Market reaction to the reported cyber intrusion was negative for Stryker's stock, and the company has enacted emergency guidance for its workforce while the incident is being examined.

Risks

  • Operational disruption - The reported global outage across Stryker systems could affect access to internal tools and workflows used by the company and its staff, implicating hospital and surgical operations that rely on its products.
  • Data and device integrity - Reports that remote Windows devices, including cellphones and laptops configured to access company systems, had been wiped raise uncertainty about loss of device-level data and the time needed to restore affected endpoints.
  • Unclear scope and remediation timeline - Public reporting to date does not specify how long systems will remain offline or the full extent of the intrusion, leaving uncertainty for customers, partners and markets.

More from Stock Markets

Insider Transactions Spotlight: Major Buys at Small Caps and Sizable Sales at Tech and Energy Names Mar 23, 2026 Mizuho Raises MongoDB Rating, Points to AI Demand and Strong Customer Momentum Mar 23, 2026 Stryker Stock Climbs After Company Says Cybersecurity Incident Contained Mar 23, 2026 Morgan Stanley Warns of Growing Bear Risk for European Stocks as Energy Costs Rise Mar 23, 2026 SuRo Capital Reorients Funding Toward AI Infrastructure as Value Capture Shifts Mar 23, 2026