An Iran-linked hacking group known as Handala has claimed responsibility for cyberattacks targeting two multinational companies, payment technology provider Verifone and US medical technology manufacturer Stryker.
The claims were posted by the group on its Telegram channel and leak site, where it said the attacks were carried out in response to recent geopolitical tensions and cyber operations linked to the United States and Israel. According to the statements, the activity was intended as retaliation for military strikes and cyber actions targeting what the group described as allies in the Middle East.
Handala said it had targeted Verifone, a payment processing company headquartered in New York whose systems are used by retailers in more than 150 countries to process billions of transactions. The group posted screenshots and data samples to support its claim and warned that additional attacks could follow. At the time of reporting, Verifone’s website appeared to be operating normally, and the company had not confirmed a breach.
The group also claimed responsibility for a separate cyberattack against Stryker, a Michigan-based medical technology company that produces surgical equipment and hospital systems used worldwide. Stryker reported in a filing with the US Securities and Exchange Commission that it experienced a global disruption to parts of its Microsoft-based network environment as a result of a cyber incident.
Stryker said the disruption affected access to some internal systems and that the company was investigating the incident. The company stated that it had found no indication of ransomware or other malware and believed the situation had been contained.
In its messages, Handala claimed the operation wiped more than 200,000 devices and extracted about 50TB of data from Stryker’s systems. Those claims have not been independently verified. Reports from employees suggested that some devices connected to the company network stopped functioning or displayed the group’s logo on login screens.
Security researchers said Handala is one of several pro-Iran hacking groups that have increased activity following recent regional tensions. Analysts warned that additional cyber operations targeting Western companies and infrastructure could occur as geopolitical conflicts increasingly extend into cyberspace.