FBI says personal email hacked, but no classified or official data affected.
Iran-linked hackers reportedly accessed FBI Director Kash Patel’s personal email account, posting photographs and other documents online, according to both the hackers and the bureau on Friday.
The hacker group Handala Hack Team stated on their website that Patel “will now find his name among the list of successfully hacked victims.”
Among the materials released were personal photos of Patel smoking and sniffing cigars, riding in an antique convertible, and taking a mirror selfie with a large bottle of rum while making a face.
The FBI confirmed that Patel’s emails had been targeted. Bureau spokesman Ben Williamson said in a statement that “we have taken all necessary steps to mitigate potential risks associated with this activity” and emphasized that the data was “historical in nature and involves no government information.”
Handala, a group that describes itself as pro-Palestinian vigilante hackers, is regarded by Western analysts as one of several aliases used by Iranian government cyberintelligence units. The group recently claimed responsibility for a March 11 hack of Michigan-based medical devices and services company Stryker, stating that they had deleted a large amount of the company’s data.
Along with the photographs of Kash Patel, the hackers released a sample of over 300 emails, which appear to include a mix of personal and work-related correspondence from 2010 to 2019.
Reuters was unable to independently verify the authenticity of the emails, but the personal Gmail address Handala claims to have accessed matches an address linked to Patel in previous breaches documented by the dark web intelligence firm District 4 Labs. Alphabet-owned Google, which operates Gmail, did not immediately respond to a request for comment.
‘Make them feel vulnerable’
Iran-linked hackers — who initially kept a low profile after coordinated US and Israeli strikes against the Islamic Republic last month — have increasingly publicized their cyber operations as the conflict continues.
In addition to the Stryker hack, Handala claimed on Thursday to have published personal data of dozens of entity[“company”,”Lockheed Martin”,”US defence contractor”] employees stationed in the Middle East. Lockheed Martin said it was aware of the reports and maintains policies and procedures “to mitigate cyber threats to our business.”
Gil Messing, chief of staff at Israeli cybersecurity firm Check Point, said the hack-and-leak operation targeting Kash Patel was part of Iran’s strategy to embarrass US officials and “make them feel vulnerable.” He added that the Iranians are “firing whatever they have.”
It is not uncommon for foreign hackers to target the personal emails of senior officials, and breaches and leaks occur periodically. Notable examples include the 2016 hack of Hillary Clinton campaign chairman John Podesta’s Gmail account, which was published on WikiLeaks, and the 2015 breach of then-CIA director John Brennan’s AOL account by teenage hackers, who leaked information about US intelligence officials.
Such relatively unsophisticated hacks align with a US intelligence assessment reviewed by Reuters on March 2, which noted that Iran and its proxies could retaliate for the killing of Iranian Supreme Leader Ali Khamenei with low-level cyberattacks against US digital networks.
Iran-linked hackers may also have additional emails in reserve. Last year, another group operating under the pseudonym “Robert” told Reuters it was considering releasing 100 gigabytes of data stolen from White House chief of staff Susie Wiles and other aides close to Donald Trump.
About the Author
