Breaking News
Iran-linked hackers breach FBI director’s personal email, publish photos and documents
By Jana Winter and AJ Vicens
WASHINGTON, March 27 (Reuters) – Iran-linked hackers have broken into FBI Director Kash Patel’s personal email inbox, publishing photographs of the director and other documents to the internet, the hackers and the bureau said on Friday.
On their website, the hacker group Handala Hack Team said Patel “will now find his name among the list of successfully hacked victims.” The hackers published a series of personal photographs of Patel sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum.
The FBI confirmed that Patel’s emails had been targeted. In a statement, bureau spokesman Ben Williamson said, “we have taken all necessary steps to mitigate potential risks associated with this activity” and that the data involved was “historical in nature and involves no government information.”
Handala, which presents itself as a group of pro-Palestinian vigilante hackers, is considered by Western researchers to be one of several personas used by Iranian government cyberintelligence units. Handala recently claimed the hack of Michigan-based medical devices and services provider Stryker on March 11, saying they had deleted a massive trove of company data.
Alongside the photographs of Patel, the hackers published a sample of more than 300 emails, which appear to show a mix of personal and work correspondence dating between 2010 and 2019.
Reuters was not able to independently authenticate the Patel messages, but the personal Gmail address that Handala claims to have broken into matches the address linked to Patel in previous data breaches preserved by the dark web intelligence firm District 4 Labs. Alphabet-owned Google, which runs Gmail, did not immediately respond to a request for comment.
‘MAKE THEM FEEL VULNERABLE’
Iran-linked hackers – who initially kept a low profile after the United States and Israel launched coordinated strikes against the Islamic Republic last month – have increasingly boasted of their cyber operations as the conflict drags on.
In addition to the hack against Stryker, Handala on Thursday claimed to have published the personal data of dozens of defense company Lockheed Martin employees stationed in the Middle East. In a statement, Lockheed Martin said it was aware of the reports and had policies and procedures in place “to mitigate cyber threats to our business.”
Gil Messing, chief of staff at Israeli cybersecurity company Check Point, said the hack-and-leak operation against Patel was part of Iran’s strategy to embarrass U.S. officials and “make them feel vulnerable.”
The Iranians, he said, are “firing whatever they have.”
It is not unusual for foreign hackers to target senior officials’ personal emails, and breaches and leaks both happen periodically. Hackers famously broke into Hillary Clinton campaign chairman John Podesta’s personal Gmail account ahead of the 2016 election and published much of the data to the WikiLeaks site. In 2015, teenage hackers broke into then-CIA director John Brennan’s personal AOL account and leaked data about U.S. intelligence officials.
Relatively unsophisticated breaches of this nature are in line with a U.S. intelligence assessment reviewed by Reuters on March 2. The assessment said Iran and its proxies could respond to the killing of Iranian Supreme Leader Ayatollah Ali Khamenei with low-level hacks against U.S. digital networks.
Iran-linked hackers may have other emails in reserve.
Last year, another group operating under the pseudonym “Robert” told Reuters it was considering disclosing 100 gigabytes of data stolen from White House chief of staff Susie Wiles and other figures close to U.S. President Donald Trump.
Reuters has not been able to verify the claim and the group has not responded to messages in several months.
(Reporting by Jana Winter, AJ Vicens and Raphael Satter; Writing by Raphael Satter; Editing by Deepa Babington and Nick Zieminski)