Iranian Hackers Threaten to Reveal Secrets from Trump Aides’ Stolen Emails

“Robert” hackers claim to hold 100 gigabytes of White House emails. While the White House pledges investigations, Washington describes the incident as a smear campaign against Trump and his loyal staff.
Iran-linked hackers have threatened to release more stolen emails from former U.S. President Donald Trump’s circle, following a previous leak sent to media outlets ahead of last year’s U.S. elections.
The threat comes amid rising regional tensions and U.S. warnings of potential Iranian attacks.
It also follows Trump’s recent announcement, just three days prior, that he had shelved plans to ease sanctions on Iran after Supreme Leader Ayatollah Ali Khamenei claimed that U.S. and Israeli airstrikes on Iranian nuclear sites had caused minimal damage.
In an online chat with Reuters on Sunday and Monday, the hackers — using the pseudonym “Robert” — said they had about 100 gigabytes of emails from top White House aides, including Susie Wiles, Trump attorney Lindsey Halligan, advisor Roger Stone, and adult film actress-turned-Trump-critic Stormy Daniels.
They suggested they might sell the material but gave no specifics about their plans. The content of the emails was not disclosed.
U.S. Attorney General Pam Bondi described the breach as “an outrageous cyberattack.”
The White House and FBI responded with a joint statement from FBI Director Kash Patel, who said, “Anyone involved in any form of national security breach will be thoroughly investigated and prosecuted to the fullest extent of the law.”
The U.S. Cybersecurity Agency posted on X (formerly Twitter), calling the so-called “attack” nothing more than digital propaganda, saying the targets were no coincidence and that this was “a calculated smear campaign aimed at harming President Trump and defaming honest public servants who proudly serve our country.”
Halligan, Stone, Daniels’ representatives, and the U.S. cybersecurity agency did not respond to requests for comment.
Iran’s mission to the United Nations also did not reply. Tehran has previously denied involvement in cyber espionage.
The hacking group surfaced in the final months of Trump’s last campaign, claiming to have breached email accounts of several of Trump’s allies, including Wiles. They distributed some of the emails to journalists.
Reuters previously verified parts of the leaked content, including an email appearing to document a financial arrangement between Trump and lawyers representing former presidential candidate Robert F. Kennedy Jr., now serving as Trump’s Health Secretary.
Other leaked materials included campaign discussions about Republican candidates and settlement talks with Stormy Daniels.
While some of the leaked documents received media coverage, they did not significantly alter the election outcome, which Trump ultimately won.
In a September 2024 indictment, the U.S. Department of Justice accused Iran’s Revolutionary Guard of orchestrating the hacking operation. The hackers declined to comment on that claim during their chat with Reuters.
After Trump’s election, the group told Reuters it had no plans to release further leaks. However, following the 12-day air conflict this May between Iran and Israel — which culminated in U.S. strikes on Iranian nuclear sites — the group resumed communications.
This week, they claimed to be organizing a sale of the stolen emails.
Frederick Kagan, a researcher at the American Enterprise Institute and author on Iranian cyber espionage, said Iran likely suffered heavy losses during the conflict and may be seeking low-risk methods of retaliation.
He added, “The likely directive is for agents to use all possible asymmetric means that don’t provoke renewed Israeli-American military action… Further email leaks are unlikely to trigger that.”
Despite concerns that Tehran might unleash digital havoc, Iranian hackers had minimal impact during the conflict.
Still, on Monday, U.S. cybersecurity officials warned that American companies and critical infrastructure operators may remain vulnerable to Iranian cyber threats.