181/69 Tuesday, March 31, 2026
The hacking group Handala, reportedly linked to Iran’s Ministry of Intelligence (MOIS), has claimed responsibility for breaching the personal Gmail account of Kash Patel, the current Director of the Federal Bureau of Investigation, on March 27, 2026. The group published personal photos, documents, and email correspondence from before Patel assumed office, and further claimed that the leaked data includes confidential files from FBI systems, which have allegedly been made publicly available for download. Handala stated that the attack was carried out in retaliation after the FBI seized domains associated with the group, and following a $10 million reward announced by the U.S. government for information leading to the identification or arrest of its members.
The FBI confirmed it is aware of the incident and has taken all necessary steps to mitigate potential impact. The agency emphasized that the compromised data consisted of “old personal information” and did not include any government-related data. However, from a cybersecurity perspective, the compromise of a personal email account belonging to a high-ranking national security official represents a significant Operational Security (OpSec) failure, as even non-classified communications may expose contextual information valuable to adversaries.
Handala, also known as Hatef and Hamsa, was established in December 2023 and has previously been linked to major cyberattacks, including a breach involving Microsoft systems at Stryker that led to data deletion across tens of thousands of devices. This incident underscores a growing trend of nation-states leveraging hacktivist groups as proxies for semi-covert cyber operations. It also highlights that senior officials remain high-value targets, even through personal communication channels. The FBI reiterated the U.S. State Department’s standing $10 million reward for information identifying members of the Handala hacking group.