Hackers linked to Iran are threatening to release a second wave of emails allegedly stolen from key figures close to former President Donald Trump, including White House chief of staff Susie Wiles, longtime ally Roger Stone, and Trump attorney Lindsey Halligan. The group, operating under the alias “Robert,” previously leaked a batch of emails ahead of the 2024 presidential election and now claims to possess an additional 100 gigabytes of data.
The emails reportedly also include communications involving adult film actress Stormy Daniels. While the hackers have not revealed the specific contents, they suggested they may sell the materials.
In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a public warning via X (formerly Twitter), labeling the incident a “calculated smear campaign.” CISA emphasized that the timing and targets of the attack appear to be intended to “distract, discredit, and divide” ahead of a volatile election season.
CISA spokesperson Marci McCarthy stated, “This is digital propaganda by a hostile foreign adversary aiming to undermine President Trump and damage the reputations of public servants. These criminals will be found and brought to justice.”
The hacking campaign is believed to be linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), according to a Justice Department indictment filed in September 2024 that named three Iranian nationals. The hackers had communicated with Reuters earlier this week, claiming responsibility and expressing no immediate plans for future attacks. “I am retired, man,” one hacker reportedly said.
The threat of Iranian interference comes as tensions between Washington and Tehran remain high. Just days ago, Supreme Leader Ayatollah Ali Khamenei downplayed the effects of U.S. and Israeli cyberattacks on Iran’s nuclear program. In response, Trump announced a halt to discussions on easing sanctions.
U.S. Attorney General Pam Bondi condemned the leak, calling it “an unconscionable cyberattack.” FBI Director Kash Patel stated that anyone found complicit in compromising national security would face prosecution “to the fullest extent of the law.”
While Russia has long been viewed as a major player in election interference, experts like Sam Sabin of Axios suggest that Iran played a more aggressive role during the 2024 campaign. Microsoft also identified Iranian-linked entities involved in phishing and disinformation campaigns aimed at disrupting the electoral process.
As investigations continue, U.S. officials are treating the threat as both a cybersecurity breach and an act of foreign influence—one with serious implications for national security.
