ISLAMABAD (PEN) : A hacker group reportedly linked to Iran claims to have stolen 100 gigabytes of emails from key aides and associates of US President Donald Trump, threatening to sell the data amid heightened tensions following recent US-Israel conflicts.
Data Breach Targets Prominent Trump Associates
The group, operating under the alias “Robert,” announced the breach over the weekend, stating it possesses emails from several influential figures within Trump’s inner circle. Those named include White House Chief of Staff Susie Wiles, attorney Lindsey Halligan, political operative Roger Stone, and Stormy Daniels, the adult film actress turned critic.
While “Robert” has not disclosed specific plans for the leaked files, the group previously distributed small batches of emails to journalists during the 2024 election cycle.
Official Responses and Verification
US Attorney General Pam Bondi condemned the cyberattack as “unconscionable.” FBI Director Kash Patel emphasized that any breach compromising national security would be “investigated and prosecuted to the fullest extent of the law.”
The FBI and White House have yet to confirm the breach’s full scope. Requests for comment from the individuals implicated and the US Cybersecurity and Infrastructure Security Agency (CISA) received no response. Iran’s UN mission also declined to comment, maintaining its consistent denial of involvement in cyberespionage activities.
Reuters verified portions of previously leaked content, including an email allegedly detailing a financial arrangement between Trump and lawyers representing Robert F. Kennedy Jr., who now serves as Trump’s Health Secretary. Other leaked material involved internal Republican campaign discussions and legal matters concerning Stormy Daniels.
Context of the Cyber Operation
Though the leaks drew media attention during the last election, experts noted they had minimal impact on the race, which resulted in Trump’s re-election.
In September 2024, the US Department of Justice charged Iran’s Islamic Revolutionary Guard Corps with orchestrating the “Robert” hacking operation, but the group has not publicly responded.
After a period of inactivity following a May claim of “retirement,” the group resumed activity this month, coinciding with the recent 12-day military escalation between Israel and Iran, which ended with US strikes on Iranian nuclear sites.
In communications with Reuters, “Robert” indicated preparations to sell the stolen emails, urging wider media coverage.
Frederick Kagan, senior fellow at the American Enterprise Institute, suggested the hacking campaign could be part of Iran’s broader asymmetric response to recent hostilities. “Everyone’s likely been ordered to use all the asymmetric tools they have without provoking major Israeli or US military action,” he said. “Leaking emails falls into that category.”
Ongoing Cybersecurity Concerns
Despite initial fears of increased Iranian cyberattacks during the conflict, US officials reported relatively low activity from Tehran’s hackers. However, US cyber defense agencies issued a warning Monday, cautioning that Iranian hackers may still target American businesses and critical infrastructure.
