Iranian-linked hacktivist group Handala Hack breached the personal email account of FBI Director Kash Patel, leaking historical documents following a U.S. government operation to seize the group's domains.

Key points

• The Handala Hack Team, a persona associated with Iran’s Ministry of Intelligence and Security (MOIS), claimed responsibility for the breach of Kash Patel’s personal email.
• The FBI confirmed the incident, noting the leaked data was historical and contained no government information.
• Handala Hack recently executed a destructive wiper attack against Stryker, a Fortune 500 medical device company, marking a shift toward targeting critical infrastructure.
• The U.S. Department of Justice recently seized four domains used by the group for psychological operations and the distribution of stolen data.
• The group frequently utilizes legitimate administrative tools, VPN compromises, and wiper malware to disrupt operations and sow geopolitical discord.

This breach highlights an escalating trend of state-sponsored actors using disruptive cyber operations to retaliate against Western geopolitical actions. By targeting both high-profile officials and critical supply chain providers, these groups are increasingly blurring the lines between traditional espionage and destructive psychological warfare.