A cyber outfit known as Handala has breached the personal email of FBI Director Kash Patel, according to Reuters. The attackers released materials from his inbox on their site to demonstrate the intrusion, featuring images of Patel inhaling and puffing on cigars, along with a selfie where he grimaces while posing in front of a mirror holding a big bottle of rum.
TechCrunch verified independently that portions of the pilfered messages originated from Patel's inbox by examining delivery metadata embedded in email headers. Multiple compromised emails bore a digital certificate tying them directly to his account. The FBI has acknowledged the breach separately, stating to TechCrunch: 'The FBI is aware of malicious actors targeting Director Patel's personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity.' The agency added: 'The information in question is historical in nature and involves no government information.'
The FBI is providing rewards of up to $10 million for tips leading to details on those responsible for the attack on Patel's email. Online, Handala portrays itself as a hacking collective supportive of Palestinian causes, though experts suspect it serves as a front for Iranian state-sponsored cyber operations, per Reuters. Iranian-linked entities have previously gone after American officials. For instance, in August 2024, the FBI disclosed attempts by another team, APT42, to infiltrate the Trump and Harris presidential efforts, resulting in charges against three linked individuals that September.
Handala seems to have ramped up operations amid the ongoing tensions involving the United States, Israel, and Iran. Reuters notes that the group took credit for a digital assault on Stryker, a producer of medical equipment, back in March. Additionally, Handala boasted about obtaining and leaking private details of Lockheed Martin staff based in the Middle East.