Iranian-Backed Hacker Group Claims Breach of St. Joseph County Systems
An Iranian-linked hacking collective, Handala Hack, has alleged a cyberattack on St. Joseph County, Indiana, claiming to have exfiltrated two terabytes of sensitive data. The stolen information reportedly includes county employee records, police reports, court documents, health records, and death certificates.
The group gained notoriety earlier this week after asserting it had compromised the email of FBI Director Kash Patel, though those claims remain unverified.
County officials acknowledged the incident but downplayed its severity. A statement from the St. Joseph County Council confirmed a breach involving a third-party virtual faxing system, which was identified and contained earlier this week. While some sensitive files may have been exposed, officials emphasized that no other county servers or systems were compromised beyond the faxing service. The county is working with vendors to assess the full scope of the incident.
The City of South Bend, which operates separately from the county, reported no impact from the alleged breach.
The motives behind the attack remain unclear, though Handala Hack’s ties to Iranian state-backed cyber operations suggest potential geopolitical or disruptive objectives. The incident highlights ongoing risks posed by third-party vulnerabilities in government infrastructure.
Source: https://www.wndu.com/2026/04/01/iranian-backed-hacker-group-claims-st-joseph-county-data-breach/
City of St. Joseph cybersecurity rating report: https://www.rankiteo.com/company/city-of-st.-joseph
"id": "CIT1775075592",
"linkid": "city-of-st.-joseph",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Public Sector',
'location': 'Indiana, USA',
'name': 'St. Joseph County',
'type': 'Government'}],
'attack_vector': 'Third-party virtual faxing system',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Employee records',
'Police reports',
'Court documents',
'Health records',
'Death certificates']},
'description': 'An Iranian-linked hacking collective, Handala Hack, has '
'alleged a cyberattack on St. Joseph County, Indiana, claiming '
'to have exfiltrated two terabytes of sensitive data. The '
'stolen information reportedly includes county employee '
'records, police reports, court documents, health records, and '
'death certificates. The group gained notoriety earlier this '
'week after asserting it had compromised the email of FBI '
'Director Kash Patel, though those claims remain unverified. '
'County officials acknowledged the incident but downplayed its '
'severity, confirming a breach involving a third-party virtual '
'faxing system. The county is working with vendors to assess '
'the full scope of the incident.',
'impact': {'data_compromised': 'Two terabytes of sensitive data',
'identity_theft_risk': 'High',
'systems_affected': 'Third-party virtual faxing system'},
'initial_access_broker': {'entry_point': 'Third-party virtual faxing system'},
'investigation_status': 'Ongoing',
'motivation': ['Geopolitical', 'Disruptive'],
'references': [{'source': 'Incident description'}],
'response': {'communication_strategy': 'Public statement downplaying severity',
'containment_measures': 'System identified and contained',
'third_party_assistance': 'Yes'},
'threat_actor': 'Handala Hack',
'title': 'Iranian-Backed Hacker Group Claims Breach of St. Joseph County '
'Systems',
'type': 'Data Breach'}