Cyber criminals linked to Iran accessed the personal email account of FBI Director Kash Patel, a Justice Department official confirmed on Friday. The breach occurred after the hacker group Handala Hack Team claimed responsibility and published photographs of Patel along with his purported resume to the internet.The incident emerged on March 27, 2026, when the group posted the materials on their website. The breach drew immediate attention from federal officials and raised concerns about cybersecurity vulnerabilities at the highest levels of U.S. law enforcement.
Hackers Claim Responsibility
The Handala Hack Team publicly announced the breach through an online statement. The group declared, “Kash Patel, the current head of the FBI, who once saw his name displayed with pride on the agency’s headquarters, will now find his name among the list of successfully hacked victims.”
The hackers added, “The so-called ‘impenetrable’ systems of the FBI were brought to their knees within hours by our team.” The post included photos of Patel and a document appearing to be his resume, which contained his personal email account information.
A sample of the material uploaded by the hackers and reviewed by Reuters showed a mix of personal and work correspondence dating between 2010 and 2019. Reuters was not able to immediately authenticate all the emails published by the group.
Official Confirmation
A Justice Department official confirmed to Reuters that Patel’s emails were compromised but did not provide additional details. The FBI did not immediately respond to requests for comment regarding the breach. The hackers also did not respond to messages seeking further information.
Sources familiar with the matter told CBS News that cyber criminals linked to Iran had indeed accessed the FBI director’s personal email account. An FBI spokesperson declined to issue an immediate statement when contacted by the network.
Context of Ongoing Tensions
The breach occurred shortly after the Justice Department seized four domains connected to the Handala group earlier this month. The department announced the seizure on March 19 as part of an ongoing effort to disrupt hacking and transnational repression schemes conducted by the Islamic Republic of Iran’s Ministry of Intelligence and Security.
The domain used to carry out the hack against Patel was registered on the same day the Justice Department announced the seizure of the four domains associated with the group.
Furthermore, the Justice Department previously stated that Handala was responsible for multiple cyber attacks following the start of the war in Iran. The department alleged that the group conducted a malware attack against a U.S.-based multinational medical technologies firm. In another incident, Handala posted the names and sensitive data from approximately 190 individuals associated with or employed by the Israeli Defense Force or Israeli government.
The Handala Hack Team referenced the domain seizures in its online post. The group stated, “We decided to respond to this ridiculous show in a way that will be remembered forever.”
