A group known as Handala Hack Team has claimed responsibility for breaching the personal email of Kash Patel, publishing what it described as his resume and private photos online alongside a warning that “this is just our beginning.” The Federal Bureau of Investigation confirmed it is aware of “malicious actors” targeting Patel’s email but stated that the data involved is old and does not include any government information. Authorities have also announced a reward of up to $10 million for information that could help identify members of the hacking group.
Reports indicate that Iranian-linked hackers may have previously accessed Patel’s private communications in 2024, shortly before his appointment as FBI director, although it remains unclear whether that incident is connected to the latest claims by the Handala group.
Images allegedly obtained from Patel’s account have been circulating online, showing him in various personal settings, including with luxury items and at social locations. However, the authenticity of the leaked materials has not been independently verified. Cybersecurity expert Cynthia Kaiser of Halcyon Ransomware Research Center suggested the data likely comes from an older breach that is now being reused. She noted that the emails appear outdated, pointing to a past compromise rather than a fresh intrusion.
In its statement, the Handala group claimed it was able to penetrate what it described as the FBI’s “impenetrable” systems within hours, questioning the credibility of US cybersecurity defenses and framing the attack as resistance against perceived pressure and intimidation. Experts, including Dave Schroeder of the University of Wisconsin–Madison, say personal accounts are generally more vulnerable than official government systems, making them frequent targets for hackers seeking high-profile exposure.
The United States Department of Justice recently seized several domains linked to the Handala group, alleging connections to Iran’s Ministry of Intelligence and Security. Officials accused the group of spreading propaganda, conducting psychological operations, and inciting violence against journalists and dissidents.
According to reports, the domain used in the Patel breach was registered the same day authorities seized other Handala-linked domains, suggesting a possible retaliatory motive. The group itself stated the hack was in response to the FBI’s actions and the financial reward offered for information on cyber threats.
Earlier in March, Handala also claimed responsibility for a cyberattack on Stryker Corporation, alleging it wiped thousands of systems and extracted large volumes of sensitive data. The group described that attack as retaliation tied to broader geopolitical tensions involving Iran and its allies.
Source: https://www.bbc.com/
