Iran-linked hackers have breached the personal email account of FBI Director Kash Patel, publishing photographs of him and more than 300 emails on the internet, the hackers and the bureau confirmed on Friday.
KEY TAKEAWAYS
The hacker group Handala Hack Team said Patel 'will now find his name among the list of successfully hacked victims.' The published photos show Patel smoking cigars, riding in an antique convertible, and taking a mirror selfie with a bottle of rum.
We have taken all necessary steps to mitigate potential risks associated with this activity. The data involved was historical in nature and involves no government information.
— Ben Williamson, FBI spokesperson
What Was Leaked
The hackers published a sample of more than 300 emails appearing to show a mix of personal and work correspondence from 2010 to 2019. The personal Gmail address Handala claims to have breached matches an address linked to Patel in previous data breaches preserved by dark web intelligence firm District 4 Labs.
The emails predate Patel's appointment as FBI director, which occurred after the 2024 election. Reuters could not independently authenticate the messages, and Google, which runs Gmail, did not respond to requests for comment.
Who Is Handala?
Handala presents itself as a pro-Palestinian vigilante hacking group. Western researchers consider it one of several personas used by Iranian government cyberintelligence units.
The group has been active since the US-Israel strikes against Iran began last month. Recent claimed operations include a hack against Michigan-based medical devices company Stryker on March 11, during which Handala says it deleted a large trove of company data.
On Thursday, Handala claimed to have published personal data of dozens of Lockheed Martin employees stationed in the Middle East. The defence contractor said it was 'aware of the reports' and had policies in place 'to mitigate cyber threats.'
Pattern of Attacks
Gil Messing, chief of staff at Israeli cybersecurity company Check Point, said the operation against Patel was part of Iran's strategy to embarrass US officials and 'make them feel vulnerable.'
The Iranians are firing whatever they have.
— Gil Messing, Check Point
Personal email breaches of senior officials are not unusual. Hackers famously broke into Hillary Clinton campaign chair John Podesta's personal Gmail ahead of the 2016 election, publishing the data on WikiLeaks. In 2015, teenage hackers breached then-CIA director John Brennan's personal AOL account.
A US intelligence assessment reviewed by Reuters on March 2 predicted that Iran and its proxies could respond to recent strikes with 'low-level hacks against US digital networks.' The Patel breach fits that pattern.
More Leaks Coming?
Iran-linked hackers may be holding additional stolen data. Last year, a group operating under the pseudonym 'Robert' told Reuters it was considering disclosing 100 gigabytes of data allegedly stolen from Susie Wiles, the White House chief of staff, and other figures close to Donald Trump.
Reuters has not verified that claim, and the group has not responded to messages in several months. But the pattern suggests the Patel leak may be the first of several timed releases designed to maximise embarrassment for the administration as the conflict continues.
TLDR
Iran-linked hacker group Handala Hack Team breached FBI Director Kash Patel's personal Gmail account, publishing personal photos and more than 300 emails dating from 2010-2019. The FBI confirmed the breach but said the data was 'historical in nature' and contained no government information. The hack is part of an escalating Iranian cyber campaign following US-Israeli strikes against Iran. Handala has also claimed recent hacks against medical device company Stryker and defence contractor Lockheed Martin employees in the Middle East.
SOURCES & CITATIONS
FREQUENTLY ASKED QUESTIONS
