Iranian-linked hackers have claimed responsibility for breaching FBI Director Kash Patel’s personal email account and publishing private images and documents online, according to a Justice Department official who confirmed the intrusion and said the materials appear authentic.
The hacking group, known as Handala Hack Team, announced the breach on its website Friday, boasting that Patel had been added to its list of “successfully hacked” targets. The group has previously presented itself as a pro-Palestinian vigilante operation, though Western cybersecurity researchers assess it as a front for Iranian government-linked cyber units.
A DOJ official told Reuters that Patel’s personal inbox had been compromised and that at least some of the material released publicly appeared legitimate. The FBI did not respond to a request for comment.
The cache of leaked material reportedly includes photographs and a mix of personal and professional correspondence spanning several years. Analysts reviewing the breach noted that the targeted Gmail account matches an address previously associated with Patel in earlier data exposures tracked by dark web intelligence firms.
The incident marks the latest escalation in a pattern of Iranian-linked cyber activity targeting high-ranking U.S. officials and individuals connected to President Donald Trump. Patel, who played a prominent role in Trump’s first administration and is now leading the FBI, has been a repeated target.
In late 2024, shortly after Patel was selected as Trump’s FBI director, sources told CBS News he had been the subject of a suspected Iranian-backed cyberattack. At the time, it was unclear whether the attempt succeeded in accessing his communications or how much data may have been compromised.
The renewed breach comes amid broader warnings from U.S. intelligence and law enforcement agencies about Tehran’s expanding cyber operations. In the months leading up to the 2024 presidential election, federal officials cautioned that Iranian actors were actively targeting Trump campaign staff and allies.
Those concerns were underscored in September 2025, when Justice Department prosecutors charged three members of Iran’s Revolutionary Guard in connection with a sweeping hacking campaign aimed at U.S. officials, including individuals in Trump’s orbit.
Handala has also claimed responsibility for other recent cyberattacks, including a March breach of Michigan-based medical device company Stryker, in which the group alleged it deleted a large volume of corporate data, according to NBC News.
BIDEN DOJ SOUGHT MORE SUBPOENAS FOR PATEL AND REPUBLICANS THAN PREVIOUSLY KNOWN, RECORDS SHOW
The extent of the damage from the Patel breach, including whether sensitive government-related information was exposed, remains unclear.
Officials have not said whether the compromised account contained classified material, but the incident is likely to intensify scrutiny of cybersecurity practices among senior federal officials as tensions with Iran continue to play out in the digital arena.