(Credit: Daniel Heuer/Bloomberg via Getty Images)
A suspected state-sponsored hacking group from Iran may have successfully breached a personal email account belonging to FBI Director Kash Patel.
On Friday, the hacking group Handala claimed that it hacked Patel and published his personal photos as evidence. The group also uploaded the stolen files to a website, suggesting Handala breached Patel’s personal Gmail account, which was previously published in government files posted online.
The breach appears to be real. Reuters reports that a Justice Department official confirmed “that Patel's emails were compromised,” without offering details.
The FBI has since told PCMag that it's "aware of malicious actors targeting Director Patel’s personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity."
However, the agency is playing down the impact, saying: "The information in question is historical in nature and involves no government information."
Patel’s Gmail address has been found in 11 previous data breaches, according to breach notification service Have I Been Pwned. So it’s possible the hackers pulled off the stunt by mining for the account’s exposed credentials in past hacks.
In the meantime, Handala is using the alleged breach to mock the FBI after the US investigators used court orders last week to seize the group’s internet domains and offered a $10 million reward for information about the group.
Handala first emerged as a pro-Palestinian hacktivist operation. However, federal investigators say the group is actually an operation from Iran’s Ministry of Intelligence and Security, and say Handala has become focused on spreading “anti-American propaganda,” amid the US-Iran war.
“The FBI’s investigation revealed that the four seized domains were linked to each other through shared leak sites, Iranian IP ranges, and a common operational ‘playbook.’ That playbook includes: destructive and disruptive cyber-attacks; and ‘faketivist’ psychological operations using data stolen via hacking,” the Justice Department said last week.
The alleged hack of Patel’s account underscores the “psychological” bent of Handala’s activities. “To the whole world, we declare: the FBI is just a name,” the group wrote on its website, even though Handala may have only targeted a personal email account. The photos published also appear to be old images taken of Patel.
Still, Handala caused some chaos earlier this month after infiltrating US medical equipment provider Stryker and launching a data-wiping attack that affected tens of thousands of devices, including employee phones. Stryker’s last update says the company continues to work to restore systems, although no Stryker products were affected.
But in other cases, Handala seems to have greatly exaggerated their hacking claims. For example, earlier this month, the group claimed to have breached Verifone, an electronics payments provider. But Verifone told PCMag it had uncovered no evidence it was infiltrated.
Editor's note: This story has been updated with comment from the FBI.