An Iran-linked hacker group has breached the personal email account of FBI Director Kash Patel and published private photographs, emails, and other personal documents online, in what U.S. officials and cybersecurity experts see as the latest digital retaliation campaign tied to rising tensions between Washington and Tehran.
The group claiming responsibility is Handala Hack Team, a pro-Iranian hacking outfit that U.S. authorities have linked to broader psychological operations and cyber-enabled intimidation efforts. Reuters reported Friday that the hackers said they accessed Patel’s personal Gmail account and posted more than 300 emails, along with photographs and documents, on the internet. The material reportedly dates from 2010 to 2019 and includes both personal and some official correspondence, although officials told Reuters the exposed emails do not appear to contain classified government information.
Handala posted a message on their website, claiming responsibility for the hack and linking it to the FBI “proudly” seizing their domains and immediately announcing “$10 million reward for the heads of the Handala Hack members.” Their response “to this ridiculous show” will be “remembered forever.” The hacker group said that “the so-called ‘impenetrable’ systems of the FBI were brought to their knees in a matter of hours by our team.”
The Associated Press separately reported that the leaked cache also included a resume, travel-related records, and personal photos, among them images allegedly showing Patel with a vintage sports car and smoking a cigar. The FBI said the compromised material was “historical” and not related to government business. AP also reported that Patel had been warned as early as December 2024 that he could be a target of Iranian cyber activity.
FBI spokesman Ben Williamson told Reuters that “we have taken all necessary steps to mitigate potential risks associated with this activity” and that the data involved was “historical in nature and involves no government information.” The hacker group also leaked the names, ID numbers, passports, places of residence, and service bases of 28 American military engineers stationed in the Middle East, currently working for weapons manufacturer Lockheed Martin.
Lockheed Martin told Reuters that they were “aware of the reports and had policies and procedures in place ‘to mitigate cyber threats to our business.'” Cybersecurity researchers said that such operations are often designed less to steal secrets than to “embarrass U.S. officials and ‘make them feel vulnerable.'”
Just last week, the Justice Department announced the seizure of four domains allegedly used in cyber-enabled psychological operations conducted by actors tied to Iran’s Ministry of Intelligence and Security, or MOIS. The department said those sites were part of a campaign involving hacking, doxxing, and intimidation. Reuters later reported that Handala quickly restored its online presence even after the takedown.
The Patel breach also fits a wider pattern. Reuters reported in June 2025 that another Iran-linked hacking operation threatened to release emails stolen from people close to President Donald Trump, including Susie Wiles, Lindsey Halligan, and Roger Stone.
