Hackers claim breach of FBI director Kash Patel’s personal email account

Hackers identifying themselves as the Handala group have claimed responsibility for breaching the personal Gmail account of FBI Director Kash Patel, publishing alleged sensitive materials online and prompting a federal response to contain potential risks.

The group stated that it accessed Patel’s personal inbox and obtained emails, documents, conversations, and other files, some described as confidential. It released samples of the data, including watermarked personal photos and email correspondence predating Patel’s tenure as FBI director, and asserted that additional material had been made available for public download.

Federal authorities acknowledged the incident and confirmed that malicious actors targeted the director’s personal email account. The Federal Bureau of Investigation, the United States’ principal federal law enforcement and domestic intelligence agency, stated that it implemented measures to mitigate any potential impact. Officials indicated that the compromised information is historical in nature and does not involve government systems or classified federal data.

The hackers framed the intrusion as retaliation following law enforcement actions against their infrastructure and a standing U.S. government reward of up to $10 million for information leading to the identification of the group’s members. The reward is part of the State Department’s Rewards for Justice program, which targets foreign-linked cyber threat actors.

Handala, also known by aliases including Handala Hack, Hatef, and Hamsa, emerged in late 2023 as a hacktivist entity associated with cyber operations attributed to Iran’s Ministry of Intelligence and Security. The group has been linked to prior disruptive incidents, including a breach of the Microsoft environment of medical technology company Stryker, during which tens of thousands of devices were reportedly wiped.

In parallel with the ongoing investigation, security guidance issued in connection with related breach activity urges potentially affected individuals to monitor financial accounts for unauthorized transactions, contact their banking institutions if irregularities appear, and seek assistance from incident response services provider Kroll. Impacted individuals are also being advised to take precautionary steps such as placing fraud alerts or credit freezes, reviewing credit reports, and reporting suspicious activity to law enforcement authorities.