Iranian hackers from the Handala Hack Team broke into FBI Director Kash Patel’s personal email and publicly posted what they took. Despite their bold claims of breaching “impenetrable” FBI systems, what they actually got was far from classified; mostly family photos and details about an old apartment search.
According to CNN, a person familiar with the breach confirmed that the group accessed Patel’s personal email and posted the materials online, including photos and documents. A source close to the incident confirmed the authenticity of the files, which appear to date from around 2011 to 2022, and include personal, business, and travel correspondence.
Cybersecurity researcher Ron Fabela summed it up bluntly: “This isn’t an FBI compromise – it’s someone’s personal junk drawer.” The FBI confirmed the breach but made clear that no government information was obtained, and said it has taken all necessary steps to reduce any potential risks.
The Handala Hack Team is part of a larger and ongoing pattern of Iranian cyber attacks targeting US officials
The FBI is offering a $10 million reward for information leading to the identification of the Handala Hack Team, which it says has frequently targeted US government officials. In a statement, the FBI said, “Consistent with President Trump’s Cyber Strategy for America, the FBI will continue to pursue the actors responsible, support victims, and share actionable intelligence in defense of networks.”
This is not the first time Iranian-linked hackers have targeted Patel. In late 2024, just weeks before his appointment to lead the FBI, Patel was informed that he had been targeted in an Iranian hack, with some of his personal communications accessed.
That breach was part of a wider effort by foreign hackers from both China and Iran to access accounts of incoming Trump officials, including now Deputy Attorney General Todd Blanche, former interim US Attorney Lindsey Halligan, and Donald Trump Jr.
US intelligence officials have consistently warned about Tehran-linked hackers potentially retaliating following US and Israeli bombing of Iran that began last month. Some reports suggest Trump may not be receiving the full picture of the Iran conflict, which raises further concerns about how the situation is being managed at the highest levels.
The same group behind this most recent breach was also responsible for a cyberattack earlier this month that disrupted operations at a major US medical device company. The hackers said that attack was in retaliation for a missile strike on an elementary school in Iran, which Iranian state media claimed killed at least 168 children.
The Justice Department has accused these hackers of working directly for Iran’s Ministry of Intelligence and Security. Following the medical device company hack, the department seized websites used by the group in an attempt to disrupt their operations.However, the Iranian cyber operatives have continued their attacks. Meanwhile, Pakistan’s role as a mediator in the Iran conflict could prove to be a significant development in how this broader standoff between the US and Iran eventually unfolds. The digital confrontation between the US and Iran-linked hackers shows no signs of stopping.
Published: Mar 28, 2026 10:15 am