Stryker Handala Iran-Linked MDM Wiper Attack
Incident Details
On March 11, 2026, the Iran-linked hacktivist group Handala (a persona of Void Manticore, affiliated with Iran’s Ministry of Intelligence and Security) wiped between 80,000 and 200,000 employee devices at Stryker Corporation, a US medical device manufacturer, across 79 countries. The attackers gained access to a single Microsoft Intune admin account and issued mass remote wipe commands that reset both corporate and personal BYOD devices, erasing photos, eSIMs, and personal authenticator apps. Handala claimed that 50 TB of data was also exfiltrated; no patient-related services or connected medical devices were affected. CISA issued an advisory urging organizations to secure MDM/Intune admin accounts. The attack was framed as retaliation for a missile strike. Stryker confirmed full operational recovery. The incident is a notable example of legitimate MDM infrastructure being weaponized for destructive purposes.
Technical Details
- Initial Attack Vector: Handala (Void Manticore, affiliated with Iran's MOIS) compromised a Microsoft Intune admin account at Stryker, then used the MDM platform to issue remote wipe commands against the entire enrolled device fleet across 79 countries
- Vendor / Product: Microsoft Intune (mobile device management)
Timeline
- 2026-03-11 Breach occurred
- 2026-03-11 Publicly disclosed