A hacking group called Handala has gained access to FBI Director Kash Patel’s email account, Reuters reports. The group published content from Patel’s email on their website as proof, including photos of Patel “sniffing and smoking cigars” and “making a face while taking a picture of himself in the mirror with a large bottle of rum.”
TechCrunch was able to independently confirm that at least some of the emails Handala stole were from Patel’s account by checking information used by mail delivery systems that’s stored in an email’s header. Several stolen emails included a cryptographic signature that linked them to Patel’s account. The FBI has also separately confirmed that the Director’s account was hacked. “The FBI is aware of malicious actors targeting Director Patel’s personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity,” the Bureau told TechCrunch. “The information in question is historical in nature and involves no government information.”
The FBI is offering up to $10 million in rewards for more information about the hackers who targeted Patel’s account. Handala presents as a pro-Palestinian hacking group online, but is believed to be one of several aliases used by cyberintelligence units working for the Iranian government, Reuters writes. Groups affiliated with Iran have targeted officials in the US before. In August 2024, the FBI shared that a separate group, APT42, was trying to gain access to both the Trump and Harris campaigns. Three men associated with APT42 were later charged that September.
Handala has appeared to become more active during the current conflict between the US, Israel and Iran. According to Reuters, the group claimed to be behind a cyber attack on Stryker, a medical devices company, earlier in March. Handala also said it accessed and published personal data from Lockheed Martin employees stationed in the Middle East.
