Iran-Linked Hackers Breach Personal Email Accounts of FBI Director Kash Patel, U.S. Law Enforcement Officials Confirm
U.S. law enforcement and cybersecurity officials confirmed Thursday that a state-sponsored hacking group with documented ties to Iran’s Islamic Revolutionary Guard Corps (IRGC) has successfully breached multiple personal email accounts belonging to recently appointed FBI Director Kash Patel, marking one of the most high-profile cyber intrusions targeting a top U.S. national security official in recent years.
According to anonymous sources familiar with the ongoing investigation, the breach was first detected last week by Patel’s personal security team after unusual login activity was flagged from IP addresses traced to Iranian cyber infrastructure. Preliminary forensic analysis shows the hackers used a highly targeted spear-phishing campaign: a fake email, disguised as a communication from Patel’s family medical provider, contained a malicious link. Patel clicked the link in mid-March, granting the attackers full access to two of his non-work email accounts.
Officials noted that while the compromised accounts were not officially designated for FBI business, they contained a wide range of sensitive personal content, including Patel’s private travel schedules, family contact information, financial records, and informal communications with current and former FBI colleagues about ongoing unclassified law enforcement initiatives. Cybersecurity experts working on the case warned that the hackers could leverage the stolen data to launch secondary social engineering attacks against other senior FBI personnel, or to release sensitive personal information as part of an intimidation campaign against U.S. law enforcement leadership.
The FBI’s Cybersecurity Division has launched a full cross-agency investigation in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) to assess the full scope of the breach and trace the exact group responsible. The White House issued a short statement Thursday confirming that the President has been fully briefed on the incident and has ordered all cabinet-level and senior law enforcement officials to immediately complete mandatory security updates for all personal digital accounts, including enabling multi-factor authentication and conducting full access log audits every 30 days. As of press time, the Iranian government has not issued any official response to the allegations, though IRGC-affiliated hacking groups have a well-documented history of targeting U.S. government officials and private sector entities in cyber espionage and disruptive attacks dating back to 2010.
Featured Comments
As a former FBI cybersecurity advisor, this breach is entirely avoidable. Senior officials are required to complete annual training that explicitly warns against clicking links in unsolicited personal emails, especially for accounts that even tangentially touch professional communications. This incident is a major embarrassment for the agency and exposes critical gaps in how we protect top law enforcement leadership off the job.
This attack is a clear escalation of Iran’s long-running cyber espionage campaign against U.S. national security institutions. We have seen IRGC-linked groups target mid-level officials for years, but successfully accessing the FBI director’s personal accounts means they are becoming far more sophisticated in their social engineering tactics, and we need to overhaul our entire security framework for senior appointees immediately.
What concerns me most is the lack of clarity about what exactly was in those emails. If Patel was discussing ongoing investigations or sensitive law enforcement operations in his personal accounts, that could put agents, informants and active cases at serious risk. The FBI owes the public a full accounting of the scope of the stolen data within 72 hours, not just vague statements about an ongoing investigation.
This incident highlights a universal risk for all public officials: your personal digital footprint is just as much a national security target as your work accounts. For years we have pushed for mandatory monitoring of senior officials’ personal accounts for unusual activity, but pushback over privacy concerns has blocked those policies. This breach should be the final push to get those safeguards implemented immediately.