Hackers linked to the Iranian government accessed FBI Director Kash Patel’s private email and posted content including photos and documents taken from his account, a person familiar with the breach confirmed to CNN.
Hackers have published a series of photos of Patel taken before he became FBI director and they claim they were stolen from his personal email account. A source familiar with the incident confirmed the authenticity of the images.
According to an initial CNN review of the files with the help of an independent cybersecurity researcher, the stolen emails appear to date from approximately 2011 to 2022 and include Patel’s personal, business and travel correspondence with various contacts.
Researcher Ron Fabella said what the hacking group is calling a breach of “impenetrable” FBI systems is actually something much more mundane – a breach of family photos and details on Patel’s previous search for an apartment.
“This is not an FBI compromise – this is someone’s personal junk drawer,” he said.
Reuters first reported the breach of Patel’s emails on Friday.
The FBI has confirmed the breach and said no government information was obtained. The FBI is offering a $10 million reward for information leading to the identification of the “Handala Hack Team,” a group the FBI says frequently targets U.S. government officials.
“The FBI is aware of malicious actors targeting Director Patel’s personal email information, and we have taken all necessary steps to mitigate the potential risks associated with this activity,” an FBI statement said in part. “Consistent with President Trump’s cyber strategy for America, the FBI will continue to pursue responsible actors, support victims, and share actionable intelligence in defense of networks.”
US intelligence officials have repeatedly warned about the possibility of retaliation by hackers linked to Tehran for the US and Israeli bombings of Iran that began last month. This is not the first time that Iran-backed hackers have accessed Patel’s personal information.
In late 2024, just weeks away from being appointed to lead the FBI, Patel was informed by officials that he had been targeted as part of an Iranian hack and that some of his private communications had been accessed.
The 2024 hack was part of a broader effort by foreign hackers — China and Iran — to access the accounts of incoming Trump officials, including now-Deputy Attorney General Todd Blanche, former interim U.S. Attorney for the Eastern District of Virginia Lindsay Halligan, and Donald Trump Jr.
The Iran-linked hacking group that claimed responsibility for accessing Patel’s emails in this most recent breach was also behind a cyberattack earlier this month that disrupted the business operations of a major US medical device maker.
The hackers then said they were retaliating for a missile attack on an elementary school in Iran, which Iranian state media claimed killed at least 168 children. The Pentagon has said it is investigating the incident.
The Justice Department has accused the hackers of working for Iran’s Ministry of Intelligence and Security. The department responded to the hack of the medical device company by seizing websites used by Iran-linked hackers to disrupt their operations. But Iranian cyber operators have continued to claim victims and spread disinformation.
<a href