Iranian Hackers Claim Breach of Ex-FBI Director Kash Patel's Personal Email Account

Handala, a hacking group with Iranian backing, announced on Friday that it had breached the personal email account of Kash Patel, former FBI director. They posted pictures of Patel and a link to files that appear to come from his personal Gmail account. TechCrunch confirmed that some of the leaked emails were authentic, verifying the information in the message headers. These headers contain information from the sender that helps email delivery systems confirm the authenticity of an email. The leak includes emails dating back to 2019.

The news was first reported by Reuters, and a Justice Department official confirmed the breach. TechCrunch attempted to contact Patel via his Gmail email address revealed by the hackers and via text message to a cell phone number that allegedly appears on Patel's resume, but did not immediately receive a response.

The leaked files appear to date up to about 2019, according to the available information. The information in the message headers helped verify the authenticity of some of the leaked emails. In some cases, Patel appears to have sent emails from his former Justice Department email address in 2014 to his Gmail account. TechCrunch found that the emails sent from Patel's DOJ account also appeared to be authentic.

The lack of response from the FBI and the Justice Department to requests for comment underscores the seriousness of the incident. Verifying the authenticity of the leaked emails is crucial to determining the extent of the damage and the potential security implications.

Since the start of the U.S.-Israeli war against Iran in February, Handala, linked to Iran, has intensified its hacks. They claimed responsibility for a destructive attack against medical tech giant Stryker, which wiped tens of thousands of employee devices. The hackers also published the personal details of several people who are allegedly part of the Israeli Defense Forces and local defense contractors.

Following the Stryker hack, the FBI seized a handful of Handala websites, which quickly came back online on new domains. U.S. prosecutors have formally accused the Iranian ministry of intelligence and security (MOIS) of operating the Handala group.

Neither the FBI nor the Justice Department immediately responded to requests for comment about the alleged hack. TechCrunch contacted Patel's Gmail email address revealed by the hackers and sent a text message to a cell phone number that allegedly appears on Patel's resume, but did not receive a response.

The lack of official response from U.S. authorities highlights the sensitivity of the situation. The confirmation of the hack by a Justice Department official, according to Reuters, adds credibility to Handala's claims.

The hackers did not respond to TechCrunch's request for comment, sent to a chat account that the hackers publicize on their website, as well as an email address owned by the group that was published by the Justice Department. The correction in the fourth paragraph, noting that the emails were sent from Patel's DOJ email address, and not his FBI email address, is crucial.

Accuracy in information is vital in these types of cybersecurity incidents, and source verification is paramount to avoid misinformation. Handala's activity highlights the growing threat of state-backed hacking groups.