PORTAGE, MI (WTVB) – Stryker Corporation is facing a wave of proposed class-action lawsuits following a massive March 11, cyberattack that crippled its global network and allegedly exposed the sensitive data of thousands of current and former employees. At least four lawsuits, including those filed by former employee’s, claim the Portage-based medical technology giant failed to implement “reasonable” cybersecurity measures despite having the resources to do so.
The plaintiffs argue that this negligence led to the compromise of Social Security numbers, financial account details, and health insurance information, leaving victims at an increased risk for identity theft and fraud.
The cyberattack, reportedly carried out by an Iranian-linked hacking group known as “Handala,” was a destructive “wiper” attack designed to erase data from approximately 80,000 corporate devices via Microsoft’s device-management platform.
While Stryker this week said the breach was contained within its internal Microsoft environment and did not affect patient-related medical products, the lawsuits contend that the company’s “unconscionable” IT practices allowed hackers to gain administrative access.
As the legal fallout shifts to the U.S. District Court for the Western District of Michigan, the company is working with federal authorities and cybersecurity experts to fully restore its global operations.
Comments