Tehran-linked hackers are threatening to release a new trove of emails between President Donald Trump and several of his closest allies. The warning follows a similar leak ahead of the 2024 election –– and may be tied to escalating tensions in the Middle East.
What does the group claim to have?
In messages exchanged with Reuters on Sunday, June 29, the group –– which goes by the alias “Robert” –– claimed to have roughly 100 gigabytes of emails from the accounts of White House Chief of Staff Susie Wiles, Trump’s attorney Lindsey Halligan, Trump’s adviser Roger Stone and adult entertainer Stormy Daniels.
Robert suggested they may sell the data, but did not disclose details about the content or intended use of the emails.
Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.
Point phone camera here
Trump administration responds
Attorney General Pam Bondi condemned the reported breach, calling it “an unconscionable cyber-attack.”
The White House and FBI responded to the Iranian-linked group’s threats in statements.
“Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law,” FBI Director Kash Patel warned in a statement to Reuters.
“This so-called cyber ‘attack’ is nothing more than digital propaganda, and the targets are no coincidence,” said the Cybersecurity and Infrastructure Security Agency (CISA) in a post on X. “This is a calculated smear campaign meant to damage President Trump and discredit honorable public servants who serve our country with distinction.”
None of the individuals named has publicly responded to the report. Iran’s mission to the United Nations didn’t respond to requests for comment from Reuters. Tehran has previously denied acts of espionage against the U.S.
Robert’s history of leaks
Robert first emerged in the final months of the 2024 election, claiming responsibility for a breach involving several Trump aides, which also included Wiles. The group then released the emails to reporters.
Some of those emails were authenticated by Reuters, including one that apparently revealed a document disclosing a financial agreement between Trump and attorneys for Robert F. Kennedy, who now serves as the head of Trump’s Department of Health and Human Services.
Other information included in the Trump campaign’s emails was discussions with Republicans seeking office and communications over a settlement with Daniels.
While the leaked emails sparked headlines, they had little effect on Trump’s successful bid for reelection.
Following the election, Robert told Reuters that no more hacks were planned. In May, the hacker told the news outlet, “I am retired, man.”
However, the group has since reemerged –– potentially motivated by recent U.S. airstrikes on Iranian nuclear facilities and Iran’s conflict with Israel.
US attacks on Iran
Tehran has suffered major damage to its infrastructure in recent attacks. Analysts say Iran may now favor “asymmetric” tactics, such as cyber operations, to retaliate without resorting to military conflict.
“A default explanation is that everyone has been ordered to use all the asymmetric stuff that they can that’s not likely to trigger a resumption of major Israel/U.S. military activity,” wrote American Enterprise Institute scholar Frederick Kagan, who has studied Iranian cyberstrategy. “Leaking a bunch more emails is not likely to do that.”
US intelligence warnings
Despite previous U.S. intelligence alerts that Iran could launch cyberattacks, Tehran-linked hackers have remained low-key about operations during the ongoing conflicts in the Middle East.
But officials cautioned on Monday, June 30, that U.S. companies and critical infrastructure could be at risk of cyber espionage in the weeks ahead.
