Iran-Linked Hackers Breach FBI Official Kash Patel's Personal Email
Iran-linked hackers, identified as the Handala Hack Team, reportedly accessed the personal email account of Kash Patel, FBI's director, on Friday.
The group subsequently published personal photographs and documents online.
Breach Details Emerge
The Handala Hack Team asserted on their website that Patel had been successfully targeted. The published materials include personal photographs of Patel and a sample of over 300 emails. These emails appear to contain a combination of personal and work correspondence, spanning from 2010 to 2019.
Official Confirmation and Response
The FBI confirmed that Patel's emails were targeted. FBI spokesperson Ben Williamson stated that "all necessary steps to mitigate potential risks associated with this activity" had been taken. Williamson also indicated that the data was "historical in nature and involves no government information."
Reuters was unable to independently authenticate the published messages, but the Gmail address implicated by Handala aligns with an address linked to Patel in previous data breaches, according to District 4 Labs.
The Handala Hack Team: Iranian Proxies?
Handala describes itself as a group of pro-Palestinian vigilante hackers. Western researchers consider the group to be one of several personas utilized by Iranian government cyberintelligence units.
Handala had previously claimed responsibility for hacking Michigan-based medical devices and services provider Stryker on March 11, stating they had deleted company data. Additionally, the group claimed to have published personal data of Lockheed Martin employees in the Middle East. Lockheed Martin acknowledged these reports and stated it has policies to address cyber threats.
Broader Context and Implications
Gil Messing of Check Point characterized the operation against Patel as part of Iran's strategy to cause discomfort among US officials. Targeting senior officials' personal emails is not uncommon, with previous incidents including the hack of John Podesta in 2016 and John Brennan in 2015.
A US intelligence assessment from March 3 suggested that Iran and its proxies might respond to events, such as the killing of Iranian Supreme Leader Ayatollah Ali Khamenei, with low-level cyberattacks against US digital networks. Another group, operating under the pseudonym "Robert," previously claimed to be considering disclosing data from Susie Wiles and other figures linked to Donald Trump, a claim Reuters has not verified.