Iran-backed Handala hackers breach FBI director Kash Patel’s emails

15 minutes ago

ShareSave

Grace Eliza Goodwin

ShareSave

Getty Images

FBI Director Kash Patel’s email account has been hacked by an Iran-linked group, with his private emails and photos being published online, the agency has confirmed.

The group, known as the Handala Hack Team, shared Patel’s purported resume and photos of him on its website along with a statement that says: “This is just our beginning.”

“If your director can be compromised this easily, what do you expect from your lower-level employees?,” it says. The FBI said the information accessed is “historical in nature and involves no government information”.

This isn’t the first time Iranian-backed hackers breached Patel’s account. He was also targeted in 2024, weeks before his appointment to the FBI.

Photos Handala claims to have taken from Patel’s email account have been circulating on social media with Handala’s logo added as a watermark.

The photos show Patel at various unidentified locations, including standing beside a vintage convertible, smiling next to a jet, smoking and sniffing cigars, taking a selfie next to a bottle of liquor, and posing in what appear to be restaurants and hotels.

The BBC has not independently verified the leaked documents.

In its statement announcing the hack, the Handala group said the “so-called ‘impenetrable’ systems of the FBI were brought to their knees within hours by our team”. “This is the security that the US government boasts about?! This is the cyber giant that thinks threats and bribes can silence the voice of resistance?!”

The FBI said that it was offering up to $10m (£7.5m) for information that helps identify members of the Handala group.

Last week, the US justice department seized several Handala domain names it says were involved in hacking schemes linked to the Islamic Republic of Iran.

The department said Iran’s Ministry of Intelligence and Security (MOIS) had been using the Handala websites to spread “terrorist propaganda,” conduct “attempted psychological operations targeting adversaries of the regime”, claim credit for hacking activity, and call for the killing of journalists and dissidents.

Handala said its hack into Patel’s email account was retaliation for the FBI’s seizure of its websites, as well as for the FBI offering a reward of $10 million for information on similar malicious attacks.

Earlier in March, Handala group also claimed responsibility for the cyberattack of US medical technology firm Stryker.

The Stryker incident saw the company’s employee login defaced with a message claiming data had been erased in a ‘wiper’ attack by the Iran-backed group of hacktivists.

In a post at the time on their now-suspended X account, Handala claimed it had wiped “over 200,000 systems, servers, and mobile devices” and extracted “50 terabytes of critical data” in the Stryker attack.

The group said the Stryker cyberattack was “in retaliation for the brutal attack” on an Iranian girls’ school at the start of the war, which killed over 160 people, as well as “in response to ongoing cyber assaults against the infrastructure” of Iran and its allies.

Computer hacking

FBI

Iran

Cyber-attacks

United States