Customer Updates: Stryker Network Disruption > Read Now
Customer Updates: Stryker Network Disruption
11-Mar-2026
03/19/2026 6:05 p.m. ET
Our internal teams have continued to work around the clock with our external partners to make significant progress on our restoration efforts. We believe the incident has been contained, and we are prioritizing restoration of systems that directly support customers, ordering and shipping.
We have been focused on proactive outreach to and collaboration with government agencies and industry partners. We are in close contact with the White House National Cyber Director, FBI, CISA, DHA, HHS and H-ISAC and appreciate the ongoing support they have been giving us. We’re grateful to the government for their efforts to seize domains linked to the purported threat actors. Protecting the healthcare ecosystem against cyber threats is a priority that requires extensive public-private partnership. True to our commitment to transparency and a collective cyber defense, we are committed to sharing meaningful intelligence that strengthens the resilience of patient care worldwide.
As a reminder, this incident did not affect the security or safety of our products or devices. All Stryker products across our global portfolio, including connected, digital, and life-saving technologies, remain safe to use. Some of our customers that utilize our personalized implants are experiencing some disruptions. We understand that some patient-specific cases scheduled for the week of March 16 have been rescheduled due to shipping delays we are experiencing. There is nothing more important to us than the customers and patients we serve, and we recognize the criticality of every procedure to every patient. We are working as quickly and safely as possible to reconcile orders, manufacture product and deliver to our customers so they can continue to provide seamless patient care. This is a 24/7 effort and the first priority of our entire organization.
03/19/2026 5:54 p.m. ET
On March 11, 2026, we experienced a cybersecurity attack which resulted in a global disruption. Upon detecting this incident, we quickly activated our incident response plan and launched an investigation with the support of external advisors and cybersecurity experts. We believe the incident has been contained, and we are now in the restoration process, which is progressing steadily.
Importantly, the incident did not affect any of our products – connected or otherwise. All Stryker products across our global portfolio, including connected, digital and life-saving technologies, remain safe to use. Below are responses to some of your inquiries for the BACS (Balance ACS) Assure Application:
Is the BACS Assure application impacted? No, the application is not impacted.
Is the application safe to use? Yes, BACS Assure is safe to use.
Is the BACS database connected to Stryker’s affected internal environment? BACS Assure does not transmit or receive data from Stryker’s environment.
Was any of the PHI or other sensitive data in BACS exposed? No, BACS Assure does not transmit or receive data from Stryker’s environment.
03/19/2026 5:54 p.m. ET
On March 11, 2026, we experienced a cybersecurity attack, which resulted in a global disruption. Upon detection, we quickly activated our incident response plan and launched an investigation with the support of external advisors and cybersecurity experts. We believe the incident has been contained, and we are now in the restoration process, which is progressing steadily.
Importantly, the incident did not affect any of our products – connected or otherwise. All Stryker products across our global portfolio, including connected, digital and life-saving technologies, remain safe to use. This includes our navigation products, which are not impacted and are safe to use.
Below are responses to some of your inquiries for Stryker navigation systems and associated applications, including:
• Legacy navigation platforms: NAV3, NAV3i, NavSuite3 Kit, Navigation II system, and all associated software applications.
• Current navigation platforms: Q Guidance System, Ortho Q Guidance System, and all associated software applications.
• ENT navigation platform: Scopis Electromagnetic Navigation Unit (ENU) and all associated software applications.
Are my Stryker navigation systems and associated applications impacted? No, these devices and the associated applications are not impacted.
Are the products safe to use? Yes, Q Guidance System, Ortho Q Guidance System, Stryker's legacy navigation systems, Scopis ENU, and the associated software applications are safe to use.
Thank you for your continued partnership. We remain committed to serving you and your patients as we resume full operations.
03/19/2026 5:54 p.m. ET
On March 11, 2026, we experienced a cybersecurity attack, which resulted in a global disruption. Upon detecting this incident, we quickly activated our incident response plan and launched an investigation with the support of external advisors and cybersecurity experts. We believe the incident has been contained, and we are now in the restoration process, which is progressing steadily.
Importantly, the incident did not affect any of our products – connected or otherwise. All Stryker products across our global portfolio, including connected, digital and life-saving technologies, remain safe to use.
Below are responses to some of your inquiries for Airo TruCT mobile imaging system:
Is my Airo TruCT imaging system impacted? No, the imaging system is not impacted.
Is the product safe to use? Yes, the Airo TruCT imaging system is safe to use.
Is my Airo TruCT imaging system connected? While Airo TruCT is capable of connecting to a hospital’s local network or other devices, it does not receive data from Stryker’s environment.
Can the device be used offline? Yes, Airo TruCT imaging system may be used offline. Refer to device IFU and/or Secure Operations Manual SOM for additional details.
03/15/2026 11:30 a.m. ET
We wanted to provide you the latest update on the Stryker network disruption and progress on our restoration.
Safety of our products
All Stryker products across our global portfolio, including connected, digital, and life-saving technologies, remain safe to use. This event was contained to Stryker’s internal Microsoft environment, and as a result it did not affect any of our products—connected or otherwise. Stryker, much like any Fortune 300 company, has embedded policies and procedures for cybersecurity assurances for our products in the field. This process at Stryker provides additional assurances that no potential vulnerabilities or risk of exploitation related to our connected products exist. Per our standard protocols, we have leveraged this process to confirm that our connected products were not impacted by the incident and remain safe to use.
Communicating with your Stryker Sales Representatives
It is completely safe for Stryker sales representatives to be onsite in hospitals and facilities. It is also safe for you to communicate by phone or e-mail with Stryker personnel. The event only affected Stryker’s internal Microsoft corporate environment. This was not a ransomware attack, and there is no evidence of malware deployed to our systems. The incident has been contained, and we are now in the restoration process, which is progressing steadily.
Supply, ordering and shipping
We are working closely with our global manufacturing sites to manage operations and mitigate potential impacts, supported by our robust resiliency and business continuity plans. We are actively bringing our electronic ordering systems back online. In the meantime, your Stryker Sales Representatives will be working with you and your distributors directly in an effort to bring you replenishment product through manual ordering where that option exists. Orders placed prior to the disruption will be reconciled as systems are restored, and electronic orders placed during the disruption will process once systems are back online, and supply is flowing normally.
Next steps
We are prioritizing restoration of systems that directly support customers, ordering and shipping. Our core transactional systems are already on a clear path to full recovery, and we will continue to provide updates as progress is made. There is nothing more important to us than the customers and patients we serve, and we are grateful for your continued support and partnership.
03/13/2026 6:50 p.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment and while we continue to investigate, below are responses to some of your inquiries:
Who do I direct all product-related questions to? Please direct all questions to your local sales representative, as they will have the latest information on system status and product availability.
Are my Stryker connected beds and stretchers impacted (i.e. iBedVision)? No, the devices are not impacted. These devices have their own security protocols and operate completely independently of the Stryker network.
Please reach out with further feedback, and we will keep you updated as we have more information.
03/13/2026 5:15 p.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment, and while we continue to investigate, below are responses to some of your inquiries:
Are Vocera and care.ai owned by Stryker? Yes. In 2022, Stryker Corporation acquired Vocera Communications, Inc. and in 2024 acquired Vuaant, Inc., d/b/a care.ai. Both entities are wholly owned subsidiaries of Stryker Corporation and operate under Stryker's Smart Care business unit.
Are Vocera Edge, Vocera Ease and care.ai impacted? The cloud infrastructures for these services were not impacted. Our Amazon Web Services (AWS) and Google Cloud Platform (GCP) infrastructure systems, utilized by Vocera Edge, Vocera Ease and care.ai, were not affected by the global network disruption.
Are on-premise deployments of Vocera products impacted, especially with those that have VPN connections back to Stryker? No, not impacted. Those products are deployed on customer infrastructure, and their operations do not require connectivity to Stryker systems.
Please review additional details below regarding the safety of our products:
Vocera Voice – Vocera Voice is deployed on customer-provided and customer-managed infrastructure. Its operation does not require connectivity to Stryker Corporate systems, and there is no operational dependency between customer Vocera Voice environments and the affected Stryker infrastructure.
Vocera Edge (including AWS Cloud), Vocera Engage, and Vocera Platform – These areLinux-based products that do not rely on Microsoft Windows, rendering them not susceptible to this specific attack vector. Vocera Edge, including instances hosted on AWS, operates on infrastructure that is architecturally independent of the affected Stryker Corporate systems. The remote systems and connection paths used to maintain these products are isolated from the impacted environment.
care.ai Platform (Google Cloud Platform) – The care.ai Platform is hosted onGCP, which is architecturally independent of the affected Stryker Corporate systems. The incident did not extend to GCP infrastructure or the care.ai application. The system continues to operate normally.
Vocera Ease (Amazon Web Services) – Vocera Ease is hosted on Amazon Web Services (AWS) and operates entirely within AWS infrastructure, which is architecturally independent of the affected Stryker Corporate systems. While Vocera Ease utilizes Azure Entra ID for identity and authentication services, this component was not within the attack vector and was not impacted by the incident. Vocera Ease continues to operate normally.
Our Corporate Cyber Security and Product Security Teams maintain ongoing monitoring for anomalies as part of standard operations. We have verified that customer data flows are operating as expected and will continue to actively monitor system performance. In addition to certain other precautionary actions, we have heightened the frequency of security scans across all cloud environments and are conducting a comprehensive review of access controls to ensure continued integrity of customer data.
We remain committed to full transparency throughout this process. We will keep you updated as we have more information.
03/13/2026 3:30 p.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cybersecurity attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment and while we continue to investigate, below are responses to some of your inquiries.
We can confirm Stryker's Surgical Visualization Platforms and Connected OR Hub, as well as server and cloud products from Stryker's Endoscopy business, including Studio3, Datamediator, Hospital Status, and Cisco Codecs, are not impacted.
These products do not rely on or integrate with Stryker’s internal environment. Due to the nature of the product’s architecture and its separation from the affected systems, there is no exposure pathway related to this incident.
Can I continue to use these products in surgery? Yes. You may continue to use these products as intended during surgery.
Are these products safe to remain on the hospital network? Yes. The safety of these products has not been impacted by this cybersecurity attack.
We are committed to keeping our stakeholders informed as we manage this situation. There is nothing more important to us than the customers and patients we serve. Please visit this page for the most up to date communication.
03/13/2026 3:23 p.m. ET
We are continuing to resolve the disruption impacting our global network, resulting from the cyber attack.
Our full-service Sustainability Solutions support for collections of used devices as part of our reprocessing program will continue. There may be some minor interruptions, but you can have confidence that your local Stryker service team member will be collecting at your facilities according to their normal schedule.
Please contact your local Stryker sales rep or service team member with any questions.
03/13/2026 3:13 p.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment and while we continue to investigate, below are responses to some of your inquiries:
Who do I direct all product-related questions to? Please direct all questions to your local sales representative, as they will have the latest information on system status and product availability.
Can I place orders and plan to receive products from Stryker’s Sage business? If you order through distribution networks, please work with your distributor to continue normal ordering patterns. If you order directly through Stryker, we are actively working on shipping timelines and will provide updates as soon as they become available.
Is there a plan in place to handle the backlog of orders? We will be running additional shifts and personnel to facilitate any potential backlog while working closely with distributors and customers. Your Stryker representative and distribution representatives will have the most up-to-date information as it becomes available.
Please reach out with further feedback, and we will keep you updated as we have more information.
03/13/2026 3:11 p.m. ET
Stryker is responding to a global disruption in our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment, and while we continue to investigate, below are responses to some of your inquiries for the SurgiCount and Triton applications and EMR connectivity, including:
• SurgiCount Gen2 Android Barcode Application
• SurgiCount+ Gen2 RFID Application
• SurgiCount+Triton Gen3 Application
Is the product safe to use? Yes, SurgiCount and Triton devices are safe to use; connected or offline.
Are my SurgiCount or Triton Devices impacted? No, the devices are not impacted.
Do I need to restart devices? No, you do not need to take any action.
Can the device be used offline? Yes, SurgiCount and Triton devices can work without WiFi for up to 30 days. While offline, wound packing, prior quantitative blood loss (QBL) completion and realtime notifications are not available, including EMR connectivity. Refer to the IFU for additional details.
Is SurgiCount a cloud-based system? Yes. SurgiCount operates within a dedicated, isolated cloud environment that is architecturally separate from other Stryker systems. SurgiCount has no interface with, or dependency on, Stryker’s corporate Microsoft environment.
Does the device connect to the Stryker internal network or an independent network? By design, SurgiCount operates independently of Stryker’s Microsoft environment, with no standard network pathway between the two environments.
Please reach out with further feedback, and we will keep you updated as more information becomes available.
03/12/2026 9:13 p.m. ET
Media Statement:
On March 11, 2026, we experienced a cybersecurity attack which resulted in a global disruption to Stryker’s Microsoft environment. Upon detecting this incident, we quickly activated our incident response plan and launched an investigation with the support of external advisors and cybersecurity experts.
Importantly, the incident is contained to Stryker’s own internal Microsoft environment. There is no malware or ransomware detected. Our connected products are not impacted and are safe to use.
This incident has caused disruptions to order processing, manufacturing and shipping. However, we are working diligently to restore our systems and above all, we are committed to ensuring our customers can continue to deliver seamless patient care.
We implemented business continuity measures to support our customers and partners to the fullest extent possible. We will provide updates as services begin to come back online.
Our investigation into the nature and scope of this incident remains ongoing and is in its early stages. We are collaborating with law enforcement and our government agency partners to share meaningful intelligence about this incident as we learn more.
For media inquiries related to the global network disruption, please contact MediaRelations@stryker.com
03/12/2026 2:24 p.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment and while we continue to investigate, below are responses to some of your inquiries:
Are my LIFEPAK Devices impacted? No, the devices are not impacted. These devices have their own security protocols and operate completely independently of the Stryker network.
Do I need to restart devices or remove batteries on my device? No, you do not need to take any action.
Is it safe to transmit via LIFENET System? Our LIFENET system continues to function normally with no impact from the disruption. We have verified customer information is flowing as expected and will continue to monitor system performance. We have also taken additional precautions to further secure the system due to the critical nature of the customer data.
We have been made aware that some ePCR vendors and/or hospital systems may have temporarily paused transmissions. If you are experiencing this issue, please contact your ePCR vendor or Hospital administrators.
Please reach out with further feedback and we will keep you updated as we have more information.
03/12/2026 10:43 a.m. ET
Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working to understand the full impact to our internal environment and while we continue to investigate, below are responses to some of your inquiries:
Is the Mako System connected? The Mako System for hip, knee and shoulder procedures is not a connected device.
For Mako plans, what layers of security do we have built into our USB's/flash drives? Stryker has several layers of data security built into our flash drives including encryption for data and automated quality checks that will display an error message if the uploaded plan does not match the expected plan. We have confirmed there is no malware that can be downloaded and the disruption is impacting our internal Microsoft environment.
Can I use the Mako plan that was downloaded prior to today? Yes, we have the capabilities to locally plan the case directly on the Mako System for total and partial knees in addition to planning on the MPS laptops. Reps can hand carry the CD directly to the system and plan on the system without requiring any connectivity.
Please reach out with further feedback and we will keep you updated as we have more information.
03/12/2026 12:32 a.m. ET
We are continuing to resolve the disruption impacting our global network, resulting from the cyber attack.
At this time, there is no indication of malware or ransomware and we believe the situation is contained to our internal Microsoft environment only.
Our products like Mako, Vocera and LIFEPAK35 are fully safe to use.
We have visibility to the orders entered before the event, and they will be shipped as soon as our system communications are restored. Any orders that have come in after the event are being examined.
We are working to ensure our electronic ordering system is back up and running as quickly as possible.
It is safe to communicate with Stryker employees and sales representatives by email and phone, and within your facility.
We are committed to keeping our stakeholders informed as we manage this situation. There is nothing more important to us than the customers and patients we serve. Please visit Stryker.com/newsroom for daily updates.
03/11/2026
Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyber attack. We have no indication of ransomware or malware and believe the incident is contained.
Our teams are working rapidly to understand the impact of the attack on our systems.
Stryker has business continuity measures in place to continue to support our customers and partners. We are committed to transparency and will keep stakeholders informed as we know more.