
The head of the FBI just got hacked. Let that sink in for a moment.
An Iranian government-backed hacking group called Handala claimed Friday that it broke into FBI Director Kash Patel's personal Gmail account and dumped the contents online. A Justice Department official confirmed to Reuters that the breach was real and that the material posted online appeared authentic.
We pulled the files from Handala's webpage and went through them. Honestly, there's not much there.
Very old, boring emails.
Handala published more than 300 emails and photos. Most of them are over a decade old. We're talking family messages, travel itineraries, and personal photos. Nothing classified. Nothing that would make Patel sweat. The published sample spans personal and work correspondence dating between 2010 and 2019. The newest item we found was a plane ticket receipt from 2022.
This looks like either an old account Patel barely used or a breach that happened years ago and just sat on a shelf waiting for the right moment. The FBI's own statement backs that up. "The information in question is historical in nature and involves no government information," a spokesperson told TechCrunch.
Cybersecurity experts agree with that reading. Alex Orleans, head of threat intelligence at Sublime Security, told NBC News the Iranians likely had this material sitting around for a while. "Iranian actors sit on all kinds of odds and ends for a rainy day," he said. He also noted that if Handala had fresh access to Patel's account, you'd expect them to release something far more damaging than decade-old family photos.
Why now?
The timing is no accident. Earlier this month, the Justice Department seized four domains tied to Handala as part of a crackdown on Iranian hacking and transnational repression operations. Patel personally piled on in a March 19 press release, declaring, "Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents," and adding that the FBI wasn't done going after them.
The U.S. government is putting real money on the table. The State Department's Rewards for Justice program is offering up to $10 million for information leading to the identification of Handala's members.
Handala didn't take that well. The group posted online that it had decided "to respond to this ridiculous show in a way that will be remembered forever."
Who is Handala?
The group presents itself as pro-Palestinian vigilante hackers, but many Western researchers consider it a front for Iranian government cyberintelligence units. It has been busy. Handala claimed responsibility for an attack on medical tech giant Stryker that wiped tens of thousands of employee devices.
Gil Messing of Israeli cybersecurity firm Check Point told The Globe and Mail that the operation fits Iran's broader strategy of trying to make U.S. officials "feel vulnerable." The Iranians, he said, are "firing whatever they have."
The lesson that never seems to stick
Even a dud breach is a reminder of an obvious risk that too many senior officials seem oblivious to – personal accounts are easy targets. Patel got lucky: his account appears to have largely been a digital junk drawer. But for the Director of the FBI, having any account breached is not a good look.
[Image credit: FBI.gov]