Iranian cybercriminals assert they have infiltrated the personal email account of FBI director Kash Patel.

A hacking collective associated with the Iranian government named “Handala” announced on Friday that it has infiltrated the personal email account of FBI Director Kash Patel. 

In a message on its website, Handala shared multiple images of a noticeably younger Patel, along with a link to a trove of files that seemingly originate from Patel’s personal Gmail account. 

“The FBI is aware of malicious entities targeting Director Patel’s personal email details, and we have implemented all necessary measures to address potential threats linked to this incident,” an FBI spokesperson told TechCrunch. “The information in question is historical and does not pertain to government data.”

The FBI also announced a reward of up to $10 million for any information regarding the Handala hackers.

TechCrunch confirmed that at least some of the emails released by Handala were indeed from Patel’s purported Gmail account by validating data contained within the message headers. These headers hold information from the sender that assists email delivery systems in verifying the authenticity of an email.

We used a tool to authenticate several emails in the leaked file stash that were sent by Patel from his Gmail account. These emails carried cryptographic signatures that matched the messages, strongly indicating that the examined emails are legitimate. In some instances, Patel appears to have forwarded emails from his previous Justice Department address in 2014 to his Gmail account. TechCrunch determined that the emails dispatched from Patel’s DOJ account appeared authentic as well.

The files within the leaked cache seem to date back to around 2019.

The Justice Department did not promptly respond to a request for comment.

Reuters, which first disclosed the email leaks, reported that a Justice Department representative confirmed the breach. 

Contact Us

Do you have further information regarding this purported Kash Patel breach? From a non-work device, you can securely reach out to Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382, or through Telegram, Keybase, and Wire @lorenzofb, or by email.

TechCrunch attempted to contact Patel’s Gmail address disclosed by the hackers, as well as via a text message to a mobile number listed in a resume reportedly belonging to Patel. We did not receive an immediate response.

Since the onset of the U.S.-Israeli conflict with Iran in February, the Iran-linked Handala has escalated its hacking activities, notably taking credit for a damaging attack against medical technology company Stryker that erased thousands of employee devices. The hackers have also leaked the private information of several individuals believed to be part of the Israeli Defense Forces and local defense contractors.

Following the Stryker incident, the FBI seized several Handala websites, which swiftly became active again on new domains. U.S. prosecutors have formally accused the Iranian Ministry of Intelligence and Security (MOIS) of running the Handala group. 

The hackers did not reply to TechCrunch’s request for comment sent to a chat account that they promote on their website, as well as to an email address owned by the group that was publicized by the Justice Department.

Updated to include a statement from the FBI and corrected the fourth paragraph to clarify that the emails were sent from Patel’s DOJ account, not his FBI account. ZW.
