An Iran-linked hacking group has claimed it accessed the personal Gmail account of Kash Patel and released alleged data, prompting a response from the Federal Bureau of Investigation, which said the exposed material is not sensitive or classified.
The group, known as Handala, said it obtained photos and files from Patel’s account and shared them online.
FBI Response And Data Verification
The FBI said it is aware of the incident and has taken steps to mitigate potential risks. The agency stated that the information involved is historical and does not include government or classified data.
Analysis of the leaked material indicates that several emails attributed to Patel’s Gmail account are authentic. Some messages were also linked to his former Justice Department email account from 2014.
Verification efforts, including analysis of email headers, confirmed the legitimacy of certain messages and ruled out spoofing in those cases. Most of the exposed data appears to date back to around 2019.
Background On The Hacking Group
Handala has been associated with cyber operations targeting individuals and organizations linked to Israel and the United States. The group has been described as a front for Iran-backed actors, including those connected to the country’s intelligence apparatus.
The US Department of Justice has previously accused Iran’s Ministry of Intelligence and Security of operating the group.
The FBI has offered a reward of up to $10 million for information related to the hackers.
Recent Cyber Activity And Claims
Handala has intensified its activity since the start of the Iran-related conflict earlier this year. The group previously claimed responsibility for a cyberattack on Stryker, which involved wiping large numbers of devices and disrupting operations across multiple countries.
The group said it exfiltrated significant amounts of data during that incident, though details have not been independently confirmed.
Ongoing Questions About The Breach
It remains unclear how Patel’s email account was accessed or whether additional security measures, such as multi-factor authentication, were in place.
There has been no confirmation of whether warnings about potential state-linked cyber threats had been issued prior to the incident.
Featured image credits: Flickr
For more stories like it, click the +Follow button at the top of this page to follow us.