WASHINGTON — Iranian-backed cybercriminals announced Friday they successfully infiltrated FBI Director Kash Patel’s personal email account, releasing dated photographs and private documents spanning several years online.
The hacking collective known as Handala published a statement declaring their cyber breach, writing: “Kash Patel, the current head of the FBI, who once saw his name displayed with pride on the agency’s headquarters, will now find his name among the list of successfully hacked victims.”
Among the materials released were multiple images showing Patel in casual settings, including photographs of him posing next to a vintage sports car and smoking a cigar. The cybercriminals also made available downloadable files containing emails and additional personal records from Patel’s compromised account. Most of the leaked materials appear to contain information about his private travel arrangements and business activities from over ten years ago.
The FBI declined to provide immediate comment Friday regarding the security breach. However, a source with knowledge of the incident, speaking anonymously due to the sensitive nature of the investigation, verified that hackers had indeed accessed one of Patel’s personal email accounts. The exact timing of the cyberattack remains unclear, though reports from December 2024 indicated Patel had been notified by the FBI that Iranian hackers had targeted him.
Handala operates as a pro-Iranian, pro-Palestinian cyber warfare group that recently took responsibility for attacking computer systems at Stryker, a medical technology corporation based in Michigan. The group justified their assault on Stryker as payback for alleged U.S. military strikes that resulted in Iranian civilian casualties, including schoolchildren. This organization represents one of several proxy groups conducting digital warfare operations on Iran’s behalf.
Federal prosecutors highlighted Handala’s activities in a recent Justice Department announcement, revealing they had confiscated four internet domains connected to Iranian cyber operations and intimidation campaigns targeting political dissidents.
