A hacking group with alleged ties to Iran is threatening to sell a trove of emails stolen from top aides to President Donald Trump during the 2024 election, raising fresh concerns about cybersecurity and potential national security breaches.
The group, operating under the pseudonym “Robert,” claims to possess 100 gigabytes of data, including emails taken from White House Chief of Staff Susie Wiles, Trump attorney Lindsey Halligan, GOP operative Roger Stone, and adult film actress Stormy Daniels, who was previously involved in a high-profile hush money scandal with Trump.
Speaking to Reuters, the hackers said they were considering selling the cache, but did not reveal its contents or name potential buyers.
In response, FBI Director Kash Patel issued a statement to The Daily Beast emphasizing the agency’s commitment to national security.
“The FBI takes all threats against the president, his staff, and our cybersecurity with the utmost seriousness,” Patel said. “Anyone found to be involved in a breach of national security will be fully investigated and prosecuted.”
Susie Wiles, now Chief of Staff, is among those whose communications were allegedly compromised. The Cybersecurity and Infrastructure Security Agency (CISA) also condemned the threat.
“This is nothing more than digital propaganda,” said CISA spokesperson Marci McCarthy. “It’s a calculated campaign by a hostile actor to discredit public servants and damage President Trump. We will pursue these criminals relentlessly.”
Some of the stolen emails have been independently verified by Reuters, including communications detailing a financial arrangement between Trump and legal representatives of Robert F. Kennedy Jr., now serving as Trump’s health secretary, and negotiations related to a settlement with Stormy Daniels.
The hacking group is also believed to have obtained vetting documents related to Vice President JD Vance and Secretary of State Marco Rubio.
In a 2024 indictment, the Justice Department alleged that Iran’s Revolutionary Guard Corps was behind the “Robert” operation, although the hackers have not publicly addressed that accusation.
The Trump campaign previously accused Iran of orchestrating the cyberattack, alleging in August 2024 that stolen information was distributed to major media outlets. Though some outlets declined to report on the leaked material, independent journalist Ken Klippenstein later published select documents on his Substack, including internal campaign vetting notes.
As the administration scrambles to contain the fallout, national security officials warn that the incident underscores the persistent threat of foreign cyber interference—and the vulnerability of even the most guarded political operations.
