Hackers connected to the Iranian government accessed FBI Director Kash Patel’s personal email and posted materials — including photos and documents — taken from his account, a person familiar with the breach confirmed to CNN.
The hackers have published a series of photos of Patel from before he became FBI director that they claim were stolen from his personal email account. A source familiar with the incident confirmed the images’ authenticity.
The stolen emails appear to date from around 2011 to 2022 and appear to include personal, business and travel correspondence that Patel had with various contacts, according to a preliminary CNN review of the files with the help of an independent cybersecurity researcher.
What the hacking group is calling a breach of “impenetrable” FBI systems is in reality something much more mundane — a breach of things like family photos and details on Patel’s previous search for an apartment, said the researcher, Ron Fabela.
“This isn’t an FBI compromise — it’s someone’s personal junk drawer,” he said.
Reuters first reported the breach of Patel’s email on Friday.
The FBI has confirmed the breach and said no government information was obtained. The FBI is offering a $10 million reward for information that leads to the identification for the “Handala Hack Team,” a group the FBI says has frequently targeted US governement officials.
“The FBI is aware of malicious actors targeting Director Patel’s personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity,” a statement from the FBI said in part. “Consistent with President Trump’s Cyber Strategy for America, the FBI will continue to pursue the actors responsible, support victims, and share actionable intelligence in defense of networks.”
US intelligence officials have repeatedly warned about the possibility of Tehran-linked hackers retaliating for the US and Israeli bombing of Iran that began last month. It is also not the first time Iranian-backed hackers have accessed Patel’s private information.
In late 2024, Patel, just weeks away from being appointed to lead the FBI, was informed by officials that he had been targeted as part of an Iranian hack and some of his personal communications had been accessed.
The 2024 hack was part of a broader effort by foreign hackers — from China and Iran — to access accounts for incoming Trump officials including now Deputy Attorney General Todd Blanche, former interim US Attorney for the Eastern District of Virginia Lindsey Halligan and Donald Trump Jr.
The Iran-linked hacking group that claimed responsibility for accessing Patel’s emails in this most recent breach was also behind a cyberattack earlier this month that disrupted business operations at a major US medical device maker.
The hackers said then that they were retaliating for a missile strike on an elementary school in Iran, which Iranian state media has claimed killed at least 168 children. The Pentagon has said it is investigating that incident.
The Justice Department has accused the hackers of working for Iran’s Ministry of Intelligence and Security. The department responded to the hack of the medical device company by seizing websites used by the Iran-linked hackers to disrupt their operations. But the Iranian cyber operatives have continued to claim victims and spread propaganda.
