Iranian hackers breach FBI director’s personal email, and post his CV and photos online

INDUSTRY NEWS 2 min read Iranian hackers breach FBI director's personal email, and post his CV and photos online Graham CLULEY March 31, 2026 Promo Protect all your devices, without slowing them down. Free 30-day trial It's not every day that you read that the head of America's top law enforcement agency has been hacked, but then - these aren't ordinary times. The FBI has confirmed that Iran-linked hackers have broken into the personal email inbox of FBI Director Kash Patel, and published photos of him as well as other stolen documents. The Handala hacking group, a pro-Iranian, pro-Palestinian hacktivist operation, has published on its website a series of personal photographs of Kash Patel :sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum." The hackers also posted what appears to be the FBI director's CV. A sample of the material uploaded by the hackers and reviewed by Reuters appears to show a mix of personal and work correspondence dating between 2010 and 2019. Reporters at TechCrunch have confirmed that at least some of the leaked emails did originate from Patel's Gmail account by verifying the message headers. The most recent files in the leak appear to date from about 2019. In a statement the FBI said that it was "aware of malicious actors targeting Director Patel's personal email information," and that it had "taken all necessary steps to mitigate potential risks associated with this activity." According to the FBI, no classified or government systems have been accessed. The hack appears to have been limited to Patel's private Gmail account, rather than any FBI infrastructure. Although that is, perhaps, not much comfort for the director of the world's most famous law enforcement agency. To add to Kash Patel's embarrassment, this isn’t even the first time he has been targeted by Iranian hackers. His personal messages were previously hacked in December 2024, before he was appointed FBI director. The Handala hacking group's activity has escalated recently in response to the United States and Israel launching an attack on Iran. Handala has claimed responsibility in recent weeks for hacks against Stryker and Lockheed Martin in response to the war on Iran. The Stryker attack saw Handala claim credit for crippling the network of the medical device provider by deleting huge amounts of company data and wiping thousands of employee devices. Earlier this month, the DOJ seized and took down four websites linked to the Handala group, making the Kash Patel leak look very much like a direct act of retaliation. The FBI has announced that a US $10 million reward is on offer for information related to the Handala hackers. The attack on Kash Patel's inbox is more embarrassing than catastrophic. Old personal emails and photos of Patel puffing on cigars are unlikely to compromise national security. But it is clear that Iranian hackers are becoming increasingly destructive and brazen in their attacks, especially against those allied to those who Iran considers to be a threat to its own security. Private businesses are potentially just at much at risk of having their services disrupted, information stolem, or data erased as those organisations working alongside the US and Israeli government and military. And clearly senior officials, in government and business, remain high-value targets for state-backed hackers. A personal Gmail account linked to the FBI director can never be considered a low-profile target. Using strong, unique passwords and enabling multi-factor authentication on personal accounts isn't just good advice for regular users. It's essential hygiene for anyone whose inbox might one day end up being plastered across an Iranian hacking group's website. TAGS industry news AUTHOR Graham CLULEY Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s. View all posts RIGHT NOW TOP POSTS FAMILY SAFETY How to Outsmart AI Voice Scammers Pretending to Be Your Family March 03, 2026 SCAM HOW TO Scammer phone number lookup. How to check if a phone number is a scam April 19, 2024 SCAM DIGITAL PRIVACY HOW TO How scammers gain access and hack your WhatsApp account and what you can do to protect yourself May 01, 2024 MOBILE SECURITY Signs your phone is being tracked without spy apps March 16, 2026 FOLLOW US ON SOCIAL MEDIA YOU MIGHT ALSO LIKE INDUSTRY NEWS Iranian hackers breach FBI director's personal email, and post his CV and photos online Graham CLULEY March 31, 2026 2 min read INDUSTRY NEWS MOBILE SECURITY Apple Sends Urgent Security Alert to iPhone Lock Screens — Here’s Why You Shouldn’t Ignore It Filip TRUȚĂ March 30, 2026 3 min read INDUSTRY NEWS Meta and YouTube Designed Addictive Platforms, Jury Finds Silviu STAHIE March 27, 2026 2 min read BOOKMARKS You have no bookmarks yet. Tap to read it later.