Hackers linked to Iran have published private messages and photos of FBI Director Kash Patel that they claim to have swiped from a personal email.
The “Handala Hack Team” took a victory lap for the breach on Friday, bragging on its website that “so-called ‘impenetrable’ systems of the FBI were brought to their knees within hours by our team.” However, the hacked material appears to predate Patel’s stint as director.
The group shared undated photos of a younger-looking Patel, now 46, during a trip to Havana, Cuba. He is photographed sniffing and smoking a cigar, standing by a 1955 DeSoto Firedome, and posing with a statue of Ernest Hemingway at the city’s El Floridita Bar.
Other photos appeared to show Patel standing in an office and on an airport tarmac.
A Justice Department official told Reuters, “The material published online appeared authentic.” A separate source told CNN the same.
The FBI told the Beast it was aware of a hack by “malicious actors” and said that it had “taken all necessary steps to mitigate potential risks associated with this activity.”
The statement continued, “The information in question is historical in nature and involves no government information.”
A cyber expert’s review of the files found that the “stolen emails appear to date from around 2011 to 2022 and appear to include personal, business, and travel correspondence that Patel had with various contacts,” according to CNN.
Handala, which describes itself as a group of pro-Palestinian vigilante hackers, is considered by Western researchers to be linked with Iranian cyberintelligence units, according to Reuters. It released a statement alongside the photos.
“Today, once again, the world witnessed the collapse of America’s so-called security legends,” the group wrote. “While the FBI proudly seized our domains and immediately announced a $10 million reward for the heads of Handala Hack members, we decided to respond to this ridiculous show in a way that will be remembered forever.”
The researcher Ron Fabela disputed the group’s claim that it had penetrated FBI security, noting that the material unearthed contained no classified government information.
“This isn’t an FBI compromise—it’s someone’s personal junk drawer,” he told CNN.
Intelligence officials warned after joint U.S.-Israeli strikes against Iran began on Feb. 28 that American officials may be targeted by Iranian-linked hackers. The email breach itself may not even be new.
In late 2024, just weeks before Trump appointed him to lead the FBI, Patel was informed that he had been targeted as part of an Iranian hack and some of his personal communications had been obtained by the group. Now, it appears Handala has made some of those emails public.
Others reportedly targeted during Trump‘s transition period included Deputy Attorney General Todd Blanche, former interim US Attorney for the Eastern District of Virginia Lindsey Halligan, and Donald Trump Jr.
More recently, Handala claimed credit on March 11 for a cyberattack on the Michigan-based medical devices and services provider Stryker. The group claimed that “200,000 systems, servers, and mobile devices have been wiped, and 50 terabytes of critical data” were extracted.
