Iran-Backed Hacking Group "Handala" Claims Breach of FBI Director’s Personal Email
The Iran-linked hacking group Handala announced on Friday that it had compromised the personal Gmail account of Kash Patel, a former senior FBI official. The group posted images of a younger Patel alongside a cache of files allegedly extracted from his account, which appear to date up to 2019.
The FBI confirmed awareness of the breach, stating that the targeted data was "historical in nature" and contained no classified government information. The agency has since offered a $10 million reward for information leading to the identification of Handala operatives. TechCrunch verified the authenticity of several leaked emails by analyzing cryptographic signatures in the message headers, confirming they originated from Patel’s Gmail and, in some cases, his former Justice Department email address.
Handala, which U.S. prosecutors link to Iran’s Ministry of Intelligence and Security (MOIS), has intensified cyber operations amid heightened tensions, including a recent destructive attack on medical tech firm Stryker that wiped tens of thousands of devices. The group has also leaked personal details of individuals allegedly tied to the Israeli Defense Forces and defense contractors.
Following the Stryker incident, the FBI seized several Handala-operated websites, though the group quickly resumed operations on new domains. Neither Handala nor the Justice Department responded to requests for comment. Patel did not immediately acknowledge outreach from TechCrunch regarding the breach.
Federal Reserve Bank of Richmond cybersecurity rating report: https://www.rankiteo.com/company/federal-reserve-bank-of-richmond
"id": "FED1774643844",
"linkid": "federal-reserve-bank-of-richmond",
"type": "Breach",
"date": "2/2026",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Government (Former FBI Official)',
'name': 'Kash Patel',
'type': 'Individual'}],
'attack_vector': 'Email Compromise',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Personal, non-classified',
'type_of_data_compromised': 'Emails, personal files'},
'description': 'The Iran-linked hacking group Handala announced it had '
'compromised the personal Gmail account of Kash Patel, a '
'former senior FBI official. The group posted images and files '
'allegedly extracted from his account, dating up to 2019. The '
'FBI confirmed awareness of the breach, stating the data was '
'historical and contained no classified information. '
'TechCrunch verified the authenticity of leaked emails.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to '
'affected individual and FBI',
'data_compromised': 'Personal emails, files dating up to 2019',
'identity_theft_risk': 'High (personal details exposed)',
'systems_affected': 'Personal Gmail account, former Justice '
'Department email address'},
'initial_access_broker': {'entry_point': 'Personal Gmail account',
'high_value_targets': 'Former senior FBI official'},
'investigation_status': 'Ongoing',
'motivation': 'Cyber Espionage, Data Leakage',
'references': [{'source': 'TechCrunch'}, {'source': 'FBI Statement'}],
'response': {'communication_strategy': 'Public disclosure, reward offer for '
'information',
'law_enforcement_notified': 'FBI'},
'stakeholder_advisories': 'FBI offers $10 million reward for information on '
'Handala operatives',
'threat_actor': 'Handala',
'title': "Iran-Backed Hacking Group 'Handala' Claims Breach of FBI Director’s "
'Personal Email',
'type': 'Data Breach'}