Iran-backed hackers breach FBI director Kash Patel's personal emails

FBI Director Kash Patel's personal email account has been hacked by an Iran-linked group, the agency has confirmed.

A group, known as the Handala Hack Team, shared Patel's purported resume and photos of him on its website on Friday along with a statement that says: "This is just our beginning."

"If your director can be compromised this easily, what do you expect from your lower-level employees?" it says.

The FBI said it was aware of "malicious actors" targeting Patel's email information, adding that the information accessed was "historical in nature and involves no government information".

Iranian-backed hackers were reported to have breached Patel's private communications in 2024, weeks before he was appointed to lead the FBI. It is not clear if that breach was different from the one claimed by the Handala group on Friday.

Photos Handala claims to have taken from Patel's email account have been circulating on social media with the group's logo added as a watermark.

The photos show Patel at various unidentified locations, including standing beside a vintage convertible, smiling next to a jet, smoking and sniffing cigars, taking a selfie next to a bottle of liquor, and posing in what appear to be restaurants and hotels.

The BBC has not independently verified the leaked documents.

In its statement announcing the hack, the Handala group said the "so-called 'impenetrable' systems of the FBI were brought to their knees within hours by our team". "This is the security that the US government boasts about?! This is the cyber giant that thinks threats and bribes can silence the voice of resistance?!"

The FBI said that it was offering up to $10m (£7.5m) for information that helps identify members of the Handala group.

Last week, the US justice department seized several Handala domain names it says were involved in hacking schemes linked to the Islamic Republic of Iran.

The department said Iran's Ministry of Intelligence and Security (MOIS) had been using the Handala websites to spread "terrorist propaganda," conduct "attempted psychological operations targeting adversaries of the regime", claim credit for hacking activity, and call for the killing of journalists and dissidents.

The domain used to carry out the hack against Patel was registered the same day the justice department announced it had seized the four domains associated with the group, on 19 March, CBS News, the BBC's US partner, reported.

Handala said its hack into Patel's email account was retaliation for the FBI's seizure of its websites, as well as for the FBI offering a reward of $10m for information on similar malicious attacks.

The Stryker incident saw the company's employee login defaced with a message claiming data had been erased in a 'wiper' attack by the Iran-backed group of hacktivists.

In a post at the time on their now-suspended X account, Handala claimed it had wiped "over 200,000 systems, servers, and mobile devices" and extracted "50 terabytes of critical data" in the Stryker attack.

The group said the Stryker cyberattack was "in retaliation for the brutal attack" on an Iranian girls' school at the start of the war, which killed over 160 people, as well as "in response to ongoing cyber assaults against the infrastructure" of Iran and its allies.
