Key keywords: Iran-linked cyber group, Kash Patel hack, FBI Director cyberattack, 2025 US government data breach, pro-Iran hacker claim, FBI sensitive data leak, US-Iran cyber conflict On April 17, 2025, a known Iran-affiliated cyber group calling itself the Martyrs of Soleimani Cyber Brigade released an official statement on its verified Telegram channel claiming it had successfully hacked multiple work and personal devices belonging to newly appointed FBI Director Kash Patel, as well as three connected internal FBI servers hosting restricted operational data. The group posted partial redacted screenshots to support its claim, including images of what appears to be the FBI’s internal case management system, private email exchanges between Patel and senior White House national security officials regarding planned sanctions against Iranian military entities, and a partial list of active FBI informants operating in regions with high Iranian militant activity. The group stated it would release full unredacted documents over the coming 72 hours unless the US government reverses its recent decision to label the Islamic Revolutionary Guard Corps (IRGC) as a transnational terrorist organization and lifts all new sanctions imposed on Iranian energy exports. As of press time, the FBI has issued a short public statement confirming that its cybersecurity teams are investigating the alleged breach, but has not yet verified the authenticity of the materials posted by the group or confirmed the scope of any potential data loss. A senior FBI official speaking on condition of anonymity noted that the agency has suspended remote access to all non-essential internal systems as a precaution, and has notified all personnel with active undercover or informant roles to take immediate safety measures. Kash Patel, who was sworn in as FBI Director in January 2025 following his nomination by former President Donald Trump, has long been a vocal proponent of hardline US policy toward Iran, and led the Trump administration’s 2024 campaign to impose sweeping sanctions on Iranian cyber and nuclear programs. Cybersecurity experts from global threat intelligence firm Mandiant noted that the Martyrs of Soleimani Cyber Brigade has a track record of carrying out verified, high-impact cyberattacks against US government and private sector targets, including the 2024 breach of the US Department of Homeland Security’s immigration records database that exposed the personal data of over 1.2 million people. “The preliminary evidence we’ve reviewed suggests the group’s claim is credible at this stage,” said Mandiant lead cyber analyst Clara Bennett. “If confirmed, this would be the most severe breach of a senior US law enforcement official’s accounts in modern history, with potentially catastrophic consequences for ongoing counterterrorism and counterintelligence operations.” The White House also addressed the claim in a daily press briefing Thursday, stating that the National Security Council has convened an emergency meeting with leaders of the US Cyber Command to assess the situation, and that any confirmed state-sponsored attack by Iran would be met with “swift, proportional retaliation across all relevant domains.”