FBI Director Kash Patel's Email Compromised by Iran-Linked Hackers
The FBI has confirmed that Kash Patel, the FBI Director, had his personal email account hacked by a group linked to Iran. The hackers published his private emails and photographs online.
The group responsible, known as the Handala Hack Team, posted what they claim to be Patel's resume and photos of him on their website, accompanied by a statement:
This is just our beginning.
They further taunted the FBI with the message:
If your director can be compromised this easily, what do you expect from your lower-level employees?
The FBI clarified that the information accessed is historical and does not include any government data.
Previous Targeting and Leaked Photos
This incident is not the first time Patel's email has been targeted by Iranian-backed hackers. He was previously targeted in 2024, just weeks before his appointment as FBI Director.
Photos that Handala claims to have extracted from Patel's email have circulated on social media, bearing the group's watermark. These images depict Patel in various unidentified locations, including standing beside a vintage convertible, smiling next to a jet, smoking and sniffing cigars, taking a selfie beside a bottle of liquor, and posing in what appear to be restaurants and hotels.
The BBC has not independently verified the authenticity of the leaked documents.
Handala Hack Team's Statement and FBI Response
In their announcement of the hack, the Handala group declared:
The so-called 'impenetrable' systems of the FBI were brought to their knees within hours by our team.
This is the security that the US government boasts about?! This is the cyber giant that thinks threats and bribes can silence the voice of resistance?!
In response, the FBI is offering a reward of up to $10 million (£7.5 million) for information leading to the identification of members of the Handala group.
US Justice Department Actions Against Handala
Last week, the US Department of Justice seized multiple domain names linked to Handala, which were allegedly involved in hacking operations connected to the Islamic Republic of Iran.
The department stated that Iran's Ministry of Intelligence and Security (MOIS) used the Handala websites to disseminate "terrorist propaganda," conduct "attempted psychological operations targeting adversaries of the regime," claim responsibility for hacking activities, and call for the killing of journalists and dissidents.
Handala claimed their hack of Patel's email was retaliation for the FBI's seizure of their websites and the FBI's $10 million reward offer for information on similar malicious cyberattacks.
Handala's Previous Cyberattack on US Medical Firm
Earlier in March, the Handala group took responsibility for a cyberattack on US medical technology company Stryker.
The attack involved defacing the company's employee login page with a message stating that data had been erased in a 'wiper' attack by the Iran-backed hacktivist group.
On their now-suspended X account, Handala claimed to have wiped "over 200,000 systems, servers, and mobile devices" and extracted "50 terabytes of critical data" during the Stryker cyberattack.
The group stated that the attack was:
In retaliation for the brutal attack on an Iranian girls' school at the start of the war, which killed over 160 people, as well as in response to ongoing cyber assaults against the infrastructure of Iran and its allies.
