Iranian hackers breach FBI director’s personal email, and post his resume and photos online

It’s not every day you learn that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times.
The FBI has confirmed that hackers linked to Iran broke into FBI Director Kash Patel’s email account, publishing his photos and other stolen documents.
The hacker group Handala, which works for an Iranian, pro-Palestinian hacktivist, has published on its website a series of personal photos of Kash Patel: sniffing and smoking cigarettes, riding in an antique convertible, and looking at his face while taking a selfie in the mirror with a large bottle of rum. The hackers also posted what appears to be the FBI director's resume.
A sample item uploaded by the hackers and reviewed by Reuters seems to show a mix of personal and professional journals dated between 2010 and 2019.
Journalists at TechCrunch confirmed that at least some of the leaked emails came from Patel’s Gmail account by verifying the subject lines of the messages. The most recent files in the leak are from around 2019.
In a statement the FBI said it was “aware of the malicious actors who targeted Director Patel’s personal email information,” and that it had “taken all necessary steps to mitigate the potential risks associated with this operation.”
According to the FBI, no classified or federal programs were accessed. The hack appears to have been limited to Patel’s private Gmail account, rather than any FBI infrastructure. That, perhaps, is not much comfort to the director of the most famous law enforcement agency in the world.
To add to Kash Patel’s disgrace, this is not even the first time he has been targeted by Iranian criminals. His personal messages were hacked in December 2024, before he was appointed FBI director.
The activity of the Handala criminal group has increased recently in response to the United States and Israel launching an attack on Iran. Handala claimed responsibility in recent weeks for hacking Stryker and Lockheed Martin in response to the Iran war.
The Stryker attack saw Handala claim credit for disabling the medical service provider’s network by removing large amounts of company data and wiping thousands of employee devices.
Earlier this month, the DOJ seized and took down four websites linked to the Handala group, making the Kash Patel leak look like an act of revenge.
The FBI has announced a US$10 million reward for information related to the Handala hackers.
The attack on Kash Patel’s inbox is more embarrassing than tragic. Years-old emails and photos of Patel smoking are unlikely to pose a threat to national security. But it’s clear that Iranian hackers are becoming increasingly destructive and brazen in their attacks, especially against anyone affiliated with those Iran views as a threat to its security.
Private businesses are at greater risk of service disruption, information theft, or data deletion, as are organizations that work in conjunction with the US and Israeli governments and the military.
And obviously high-level officials, in government and business, are always targets for a large number of government-sponsored hackers. A personal Gmail account linked to an FBI director cannot be considered a low-level target.
Using strong, unique passwords and enabling multi-factor authentication on personal accounts isn’t just good advice for casual users. It’s important hygiene for anyone whose inbox might one day end up being uploaded to an Iranian hacker group’s website.



