Iranian hackers claim breach of FBI director Kash Patel’s personal email account
A hacking group backed by the Iranian government dubbed “Handala” said on Friday that it has breached the personal email account of FBI director Kash Patel.
In a post on its website, Handala included several pictures of a visibly younger Patel, as well as a link to a cache of files that appear to come from Patel’s personal Gmail account.
TechCrunch confirmed that at least some of the emails leaked by Handala were from Patel’s alleged Gmail account by verifying information contained within the message headers. These message headers contain information from the sender that helps email delivery systems confirm that an email is genuine and not a spoof.
We used a tool to verify several emails in the leaked cache of files that were sent by Patel from his Gmail account. These emails contained cryptographic signatures that matched the messages, which strongly suggests that the emails we checked are authentic. In some cases, Patel appears to have sent emails from his FBI email address to his Gmail account. TechCrunch found that the emails sent from Patel’s FBI account also appeared to be authentic.
The FBI and Justice Department did not immediately respond to a request for comment.
Reuters, which first reported the email leaks, said a Justice Department official confirmed the breach.
Contact Us
Do you have more information about this alleged Kash Patel breach? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or by email.
TechCrunch sent messages seeking confirmation to Patel’s Gmail email address revealed by the hackers, as well as a text message to a cellphone number contained in a resume allegedly belonging to Patel. We did not immediately hear back.
Since the U.S.-Israeli war against Iran started in February, Iran-linked Handala has ramped up its hacks, most notably claiming responsibility for a destructive attack against medical tech giant Stryker that wiped tens of thousands of employee devices. The hackers have also published the personal details of several people who are allegedly part of the Israeli Defense Forces and local defense contractors.
Following the Stryker hack, the FBI seized a handful of Handala websites, which quickly came back online on new domains. U.S. prosecutors have formally accused the Iranian ministry of intelligence and security (MOIS) of operating the Handala group.
The hackers did not respond to TechCrunch’s request for comment sent to a chat account that the hackers publicize on their website, as well as an email address owned by the group that was published by the Justice Department.
