CISA Warns US Organizations to Secure Microsoft Intune After Stryker Data Breach
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to US organizations to strengthen their Microsoft Intune systems following a cyberattack on medical technology giant Stryker.
The Attack
The attack, which was claimed by the Iranian-linked hacktivist group Handala, resulted in the theft of 50 terabytes of data and the wiping of nearly 80,000 devices.
According to sources familiar with the incident, the attackers created a new Global Administrator account after compromising an existing administrator account. They then used the built-in wipe command in Microsoft’s Intune cloud-based endpoint management tool to carry out the attack on March 11.
CISA’s Response
In response to the incident, CISA has urged all US organizations to harden their Intune environments to prevent similar attacks. The agency has provided a list of recommendations for securing endpoint management systems, including the use of a least-privilege approach for admin roles and the enforcement of multi-factor authentication (MFA) and privileged-access hygiene.
Microsoft’s Guidance
Microsoft has also provided guidance on hardening Intune administrative controls, which includes assigning only necessary permissions through role-based access control (RBAC) and requiring multi-admin approval for changes to sensitive actions such as device wipes and application updates.
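The sequence described above (an existing admin account is compromised, a new Global Administrator is created, and that account then issues wipes) is something a defender can watch for in the tenant's audit logs. The following Python detection logic is an added example, not part of the original article and not code from CISA or Microsoft: it correlates a privileged-role assignment with later Intune wipe actions by the same account, and separately flags any account issuing a burst of wipes. The sample records and their field names are constructed, simplified assumptions, not the real Entra ID or Intune audit schema.

```python
from collections import defaultdict
from datetime import datetime, timedelta

PRIVILEGED_ROLES = {"Global Administrator", "Intune Administrator"}

# Constructed sample audit records (assumed, simplified field names; not the real
# Entra ID / Intune audit schema and not data from the incident).
EVENTS = [
    {"time": "2026-03-11T01:05:00", "source": "entra", "activity": "Add member to role",
     "actor": "it-admin@example.test", "target": "ops-new@example.test",
     "role": "Global Administrator"},
    {"time": "2026-03-11T01:20:00", "source": "intune", "activity": "wipeManagedDevice",
     "actor": "ops-new@example.test", "target": "DEVICE-0001"},
    {"time": "2026-03-11T01:21:00", "source": "intune", "activity": "wipeManagedDevice",
     "actor": "ops-new@example.test", "target": "DEVICE-0002"},
    {"time": "2026-03-11T01:22:00", "source": "intune", "activity": "wipeManagedDevice",
     "actor": "ops-new@example.test", "target": "DEVICE-0003"},
    # One routine wipe by a long-standing helpdesk account: must not alert.
    {"time": "2026-03-11T09:00:00", "source": "intune", "activity": "wipeManagedDevice",
     "actor": "helpdesk@example.test", "target": "DEVICE-9000"},
]


def find_suspicious_wipes(events, window=timedelta(hours=24), bulk_threshold=3):
    """Return alerts for two patterns: a wipe issued by an account that was added
    to a privileged role within `window` beforehand, and any actor issuing
    `bulk_threshold` or more wipes within `window` (fires once per actor)."""
    granted = {}                     # account -> time it gained a privileged role
    wipes_by_actor = defaultdict(list)
    alerts = []
    for e in sorted(events, key=lambda ev: ev["time"]):
        t = datetime.fromisoformat(e["time"])
        if (e["source"] == "entra" and e["activity"] == "Add member to role"
                and e.get("role") in PRIVILEGED_ROLES):
            granted[e["target"]] = t
        elif e["source"] == "intune" and e["activity"] == "wipeManagedDevice":
            actor = e["actor"]
            if actor in granted and t - granted[actor] <= window:
                alerts.append({"rule": "wipe_by_newly_privileged_account",
                               "actor": actor, "device": e["target"]})
            wipes_by_actor[actor].append(t)
            recent = [w for w in wipes_by_actor[actor] if t - w <= window]
            if len(recent) == bulk_threshold:
                alerts.append({"rule": "bulk_wipe", "actor": actor,
                               "count": len(recent)})
    return alerts
```

On the constructed records this yields three "wipe by newly privileged account" alerts and one "bulk wipe" alert for the new account, and nothing for the helpdesk account; in a real tenant the same two rules would be fed from the Entra ID directory audit log and the Intune audit log rather than an inline list.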
The Handala Group
The Handala group, which emerged in December 2023, has been linked to Iran’s Ministry of Intelligence and Security (MOIS) and is known for stealing and leaking sensitive data from compromised systems. The group has targeted Israeli organizations with Windows and Linux data-wiping malware.
Importance of Securing Endpoint Management Systems
CISA’s warning highlights the importance of securing endpoint management systems to prevent similar attacks. By following the recommended best practices, organizations can reduce the risk of compromise and protect their systems from malicious activity.
Preventing Unauthorized Access
The incident serves as a reminder of the importance of implementing robust security measures to prevent unauthorized access to privileged actions. By using a least-privilege approach and enforcing MFA and privileged-access hygiene, organizations can significantly reduce the risk of compromise.
Preventing Data-Wiping Malware Attacks
In addition to securing Intune systems, organizations should also be aware of the risks associated with data-wiping malware and take steps to prevent such attacks. This includes implementing robust backup and disaster recovery procedures, as well as regularly monitoring systems for suspicious activity.
Conclusion
By taking proactive steps to secure their systems, organizations can reduce the risk of compromise and protect their sensitive data from malicious actors.
