FBI Director Kash Patel’s personal email account has been hacked by an Iran-linked group calling itself Handala Hack Team, which posted photos, documents, and old emails online in what U.S. officials confirmed was a real breach but described as containing no sensitive government material.

The incursion, claimed Friday by the pro-Iranian hackers on Telegram, exposed personal images of Patel, including one of him with a cigar, and documents like a resume, mostly from 2012-2014 with one 2022 email, according to materials reviewed by POLITICO and CNN. The FBI said it was aware of the “malicious actors” and had “taken all necessary steps to mitigate potential risks.”
Hackers claim retaliation
Handala Hack Team, which the FBI links to Iran and pro-Palestinian activism, said the breach was payback for U.S. actions against its domains and a $10 million bounty. They boasted of cracking “impenetrable” FBI systems, but experts called it a routine personal account compromise.
Leaked files include Patel’s resume, family photos and apartment search details, personal “junk drawer” material, per cybersecurity researcher Ron Fabela. No evidence of recent or official FBI communications.
Justice Department confirmed authenticity to Reuters; FBI emphasized “historical” nature.
Timing amid Iran tensions
The hack comes as U.S.-Iran conflict nears one month, with Trump pushing negotiations. Handala’s move appears aimed at discrediting Patel, a Trump loyalist vocal on Iran threats.
Cybersecurity firms tie Handala to Iranian intelligence, known for targeting U.S. officials. Domain used in hack registered March 19, day FBI seized Handala sites.
FBI, DOJ response
FBI statement: “aware malicious actors targeting Director Patel’s personal email information… taken all steps to mitigate… no government information.” DOJ verified breach, no further details.
Patel has not commented publicly. Incident highlights personal account risks for officials.
Broader implications
Experts say breaches like this enable phishing, social engineering. Patel’s pre-FBI emails offer adversaries context on networks, habits.
Comes amid Iran cyber ops escalation. U.S. officials urge 2FA, password hygiene.
Political fallout likely; Trump allies decry Iranian aggression.
Cybersecurity lessons
- Use unique passwords, 2FA on personal accounts.
- Separate work/personal digital lives.
- Monitor for phishing.
Handala vowed more attacks: “just our beginning.”
