FBI Director Kash Patel’s personal email account was compromised by an Iran-linked hacker group, Handala Hack Team, which publicly posted images of Patel and what appears to be his resume online, according to a report.
Reuters reported on Friday that the group celebrated the breach on its website, declaring that Patel “will now find his name among the list of successfully hacked victims.”
The material released by the hackers reportedly includes a mix of personal and professional correspondence spanning 2010 to 2019.
While the content has not been independently verified, several email addresses correspond to Patel’s known accounts from previous data leaks preserved by dark web intelligence sources.
Cybersecurity experts warn that personal accounts, even those used casually, can serve as a backdoor into official systems, amplifying the risk to sensitive national security operations.
A Justice Department official confirmed the breach to Reuters but declined to offer further details.
Neither the FBI nor the Handala Hack Team responded immediately to media inquiries.
The FBI has traditionally emphasized the strength of its digital safeguards, but this incident highlights the challenges of protecting personal communication channels of high-ranking officials.
The Handala Hack Team identifies as a pro-Palestinian vigilante group and is believed by Western cybersecurity researchers to have ties to Iranian government cyberintelligence operations.
The group has claimed responsibility for several high-profile hacks, including an attack on Michigan-based medical technology firm Stryker, reportedly deleting a large volume of company data, as Resist the Mainstream previously reported.
Analysts note that Handala often targets private sector entities, government officials, and individuals linked to U.S. or Israeli intelligence networks, leveraging such operations for political messaging and intimidation.
The timing of Patel’s personal email hack coincides with broader legal scrutiny of his communications.
In 2022, Special Counsel Jack Smith subpoenaed extensive phone, email, and financial records from Patel, then a private citizen, during the investigation into President Donald Trump’s actions around the 2020 election.
Republican Senators Charles Grassley (IA), Ron Johnson (WI), and Ted Cruz (TX) authorized the release of these records.
While the subpoenas covered call logs, session times, usernames, and other metadata, the content of messages was not requested, according to the Daily Express.
Cybersecurity specialists caution that combining such metadata with a cyberattack could magnify the exposure of sensitive operational information.
U.S. authorities have sought to disrupt Handala’s operations, seizing four domains linked to the group earlier this year.
Past Handala attacks have targeted individuals connected to the Israeli Defense Forces and other sensitive targets, reflecting Iran’s broader use of cyber-enabled transnational pressure campaigns, according to CBS News.
The group’s online statement regarding the Patel hack criticized the FBI’s security measures and claimed its systems were “brought to their knees within hours,” underscoring the political nature of the operation.
As investigations continue, experts stress the importance of heightened cybersecurity awareness among senior officials.
Personal accounts, often overlooked in national security protocols, remain a prime target for foreign intelligence actors.
Authorities are evaluating the authenticity of the leaked material and assessing potential long-term implications for U.S. security networks.
