It’s not every day that you read that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times.
The FBI has confirmed that Iran-linked hackers have broken into the personal email inbox of FBI Director Kash Patel, and published photos of him as well as other stolen documents.
The Handala hacking group, a pro-Iranian, pro-Palestinian hacktivist operation, has published on its website a series of personal photographs of Kash Patel :sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum.” The hackers also posted what appears to be the FBI director’s CV.
A sample of the material uploaded by the hackers and reviewed by Reuters appears to show a mix of personal and work correspondence dating between 2010 and 2019.
Reporters at TechCrunch have confirmed that at least some of the leaked emails did originate from Patel’s Gmail account by verifying the message headers. The most recent files in the leak appear to date from about 2019.
In a statement the FBI said that it was “aware of malicious actors targeting Director Patel’s personal email information,” and that it had “taken all necessary steps to mitigate potential risks associated with this activity.”
According to the FBI, no classified or government systems have been accessed. The hack appears to have been limited to Patel’s private Gmail account, rather than any FBI infrastructure. Although that is, perhaps, not much comfort for the director of the world’s most famous law enforcement agency.
To add to Kash Patel’s embarrassment, this isn’t even the first time he has been targeted by Iranian hackers. His personal messages were previously hacked in December 2024, before he was appointed FBI director.
The Handala hacking group’s activity has escalated recently in response to the United States and Israel launching an attack on Iran. Handala has claimed responsibility in recent weeks for hacks against Stryker and Lockheed Martin in response to the war on Iran.
The Stryker attack saw Handala claim credit for crippling the network of the medical device provider by deleting huge amounts of company data and wiping thousands of employee devices.
Earlier this month, the DOJ seized and took down four websites linked to the Handala group, making the Kash Patel leak look very much like a direct act of retaliation.
The FBI has announced that a US $10 million reward is on offer for information related to the Handala hackers.
The attack on Kash Patel’s inbox is more embarrassing than catastrophic. Old personal emails and photos of Patel puffing on cigars are unlikely to compromise national security. But it is clear that Iranian hackers are becoming increasingly destructive and brazen in their attacks, especially against those allied to those who Iran considers to be a threat to its own security.
Private businesses are potentially just at much at risk of having their services disrupted, information stolem, or data erased as those organisations working alongside the US and Israeli government and military.
And clearly senior officials, in government and business, remain high-value targets for state-backed hackers. A personal Gmail account linked to the FBI director can never be considered a low-profile target.
Using strong, unique passwords and enabling multi-factor authentication on personal accounts isn’t just good advice for regular users. It’s essential hygiene for anyone whose inbox might one day end up being plastered across an Iranian hacking group’s website.
Source link
About the Author
Discover more from Reelpedia
Subscribe to get the latest posts sent to your email.
