Iranian Hackers Hit US Water and Energy Systems While FBI Director's Email Gets Breached
Iran-linked hackers are actively disrupting critical US infrastructure -- water systems, energy facilities, and government services -- by targeting industrial control devices that keep the lights on and water flowing. The same threat actors just breached FBI Director Kash Patel's personal email, raising questions about whether his appointment has made America less safe.
Federal agencies issued an urgent warning Tuesday that Iranian hackers have successfully disrupted operations at multiple US critical infrastructure sites, including water treatment facilities, energy systems, and local government services. The attacks targeted programmable logic controllers (PLCs) -- the industrial devices that control everything from water pumps to power grids.
According to a joint advisory from the FBI, CISA, NSA, EPA, DOE, and US Cyber Command, the hackers manipulated project files and tampered with the data displayed on control systems, causing real operational disruptions. The agencies specifically flagged devices manufactured by Rockwell Automation and Allen-Bradley, though other vendors may also be vulnerable.
"Organizations from multiple U.S. critical infrastructure sectors experienced disruptions through malicious interactions with the project files and the manipulation of data displayed on human machine interface (HMI) and supervisory control and data acquisition (SCADA) displays," the advisory states.
The campaign bears the hallmarks of CyberAv3ngers, a hacking group linked to Iran's Islamic Revolutionary Guard Corps (IRGC). This is the same outfit that previously left residents of an Irish town without water for two days and hit a Pennsylvania water utility. In October 2024, OpenAI revealed that CyberAv3ngers had used ChatGPT to plan attacks, conduct reconnaissance, and evade detection.
Patel's Email Breach Adds Insult to Infrastructure Injury
The timing could not be more awkward for FBI Director Kash Patel. While federal agencies scramble to contain attacks on America's water and power systems, another Iranian group -- Handala -- just hacked Patel's personal email account. The hackers released photos and emails allegedly stolen from his inbox.
Authorities insist no government information was exposed, but the breach raises obvious questions: If the FBI Director cannot secure his own email, how is he supposed to protect the nation's critical infrastructure from sophisticated state-sponsored hackers?
Patel's appointment was controversial from the start. A Trump loyalist with no prior FBI experience, he has spent more time threatening political enemies than addressing the escalating cyber threat from Iran, Russia, and China. Now his own inbox has become a trophy for the very adversaries he is supposed to be countering.
A Pattern of Escalation
These attacks are not isolated incidents. They are part of a coordinated Iranian strategy to target US infrastructure and sow chaos. On March 11, medical technology giant Stryker was hit by Handala, which reportedly wiped more than 200,000 devices. Late last month, the US government officially linked Handala to the Iranian regime and took down several websites the group used for operations.
In December 2025, the US announced rewards of up to $10 million for information on members of Emennet Pasargad, another Iranian hacking group. Cybersecurity firm Augur Security recently revealed that Iran has spent six months building a resilient cyber infrastructure -- including US-based shell companies -- designed to survive kinetic military strikes and keep its hacking operations running.
Federal agencies are now urging organizations to assume they are targets and proactively assess their operational technology environments for vulnerabilities. Downloadable lists of indicators of compromise have been made available in XML and JSON formats for organizations to scan their networks.
Why This Matters
Critical infrastructure attacks are not abstract threats. When hackers manipulate water treatment systems, people lose access to clean water. When they target energy grids, the lights go out. When they disrupt medical device manufacturers, hospitals cannot operate.
Iran has demonstrated both the capability and the intent to cause real harm to American communities. The question is whether the Trump administration -- led by an FBI Director who just got his email hacked -- is capable of mounting an effective defense.
The answer, so far, does not inspire confidence.