BREAKING: Iran-Linked Hackers Breach FBI Director Kash Patel’s Personal Email — DOJ Confirms

Iran-Linked Hackers Breach FBI Director Kash Patel’s Personal Email — DOJ Confirms Leaked Material ‘Appears Authentic’

WASHINGTON — Iran-linked hackers have successfully breached FBI Director Kash Patel’s personal Gmail account, publishing hundreds of emails, photographs, and documents online in what cybersecurity experts are calling the most significant cyberattack of the ongoing U.S.-Israel-Iran conflict.

The hacking group Handala Hack Team claimed responsibility for the breach Friday, posting a statement on its website declaring that Patel “will now find his name among the list of successfully hacked victims.”

A Department of Justice official confirmed to Reuters that Patel’s email had been compromised and that the material published online “appears authentic.” The FBI has not yet issued a statement.

What Was Leaked

The hackers published more than 300 emails and photos from Patel’s personal account. According to NBC News, the leaked files were organized into folders last modified on May 21, 2025 — indicating the breach occurred months before the current Iran war began in late February.

The leaked material includes:

  • Personal and work correspondence dating between 2010 and 2019
  • Patel’s purported resume containing his personal email address
  • Personal photographs showing Patel smoking cigars and posing with an antique convertible
  • Family correspondence and photos of his children
  • Images apparently from a trip to Cuba
  • A plane ticket receipt from 2022

TechCrunch independently verified the authenticity of several leaked emails by analyzing cryptographic signatures in the message headers, confirming the emails were genuinely sent from Patel’s Gmail account.

Retaliation for Domain Seizures

The timing of the leak appears deliberate. On March 19, the Department of Justice announced it had seized four domains used by Iran’s Ministry of Intelligence and Security, including sites linked to Handala. The State Department simultaneously offered rewards of up to $10 million for information on Iranian hackers threatening U.S. critical infrastructure.

In its statement, Handala directly referenced these actions: “We decided to respond to this ridiculous show in a way that will be remembered forever.”

The domain used to publish the Patel hack was registered the same day as the DOJ’s seizure announcement.

Patel Was Previously Warned

According to NBC News, U.S. officials warned Patel in late 2024 — before he agreed to lead the FBI — that he had been targeted by Iranian cyberattacks and that hackers had sought access to his communications.

In the lead-up to the 2024 election, the FBI, Microsoft, and Google each reported that hackers working for Iran’s Islamic Revolutionary Guard Corps had attempted to breach multiple political figures, including affiliates of both Donald Trump and Joe Biden.

Who Is Handala?

Handala describes itself as a pro-Palestinian hacktivist collective, but Western cybersecurity researchers consider the group to be one of several online personas operated by Iranian government cyber intelligence units.

The group has escalated its operations since the Iran war began on February 28. Earlier this month, Handala claimed responsibility for a destructive cyberattack against Michigan-based medical technology company Stryker, claiming to have wiped tens of thousands of employee devices and deleted massive amounts of company data. Stryker, which reported more than $25 billion in revenue in 2025, confirmed its global networks were disrupted on March 11.

Handala stated that attack was retaliation for suspected U.S. strikes that killed Iranian schoolchildren.

National Security Implications

While the leaked emails predate Patel’s work with the Trump administration, the breach raises serious questions about the cybersecurity vulnerabilities of top U.S. officials.

The Gmail address compromised by Handala matched an address previously linked to Patel in older data breaches tracked by dark web intelligence firm District 4 Labs — suggesting the hackers may have exploited information from previous security incidents.

Cybersecurity experts note that Iran appears to have strategically held the stolen material for months before releasing it. “Looks like something they had sitting around,” Alex Orleans, head of threat intelligence at Sublime Security, told NBC News.

This is a developing story. Check back for updates.


Related Coverage:

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top