---
title: "Iran-linked hackers threaten to release Trump aides' emails"
description: "WASHINGTON, June 30 (Reuters) - Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election."
type: "NewsArticle"
publisher: "Daily Maverick"
site: "https://www.dailymaverick.co.za"
section: "Newsdeck"
author: "Reuters"
author_url: "https://www.dailymaverick.co.za/author/reuters/"
canonical_url: "https://www.dailymaverick.co.za/article/2025-07-01-iran-linked-hackers-threaten-to-release-trump-aides-emails/"
published: "2025-07-01T04:24:34"
updated: "2025-07-01T04:24:35"
lang: "en-ZA"
word_count: 546
---

# Iran-linked hackers threaten to release Trump aides' emails

> WASHINGTON, June 30 (Reuters) - Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election.

By Reuters · Published 1 July 2025, 06:24 SAST · Updated 1 July 2025, 06:24 SAST

## Key points
- In a plot twist worthy of a political thriller, hackers claiming to be linked to Iran's Revolutionary Guards are dusting off their old playbook and hinting at a potential sale of 100 gigabytes of emails from Trump's inner circle, proving that even in the digital age, some skeletons just refuse to stay buried.
- Hackers known as "Robert" claim to possess 100GB of emails from Trump aides, including Susie Wiles and Roger Stone.
- The group, linked to Iran's Revolutionary Guards, previously leaked documents during the 2024 presidential campaign.
- U.S. officials condemned the cyber intrusion, vowing full investigation and prosecution for breaches of national security.
- Following recent U.S.-Iran tensions, Robert hinted at selling the stolen emails, raising concerns over potential retaliatory cyber actions.

## Content

- Hackers say they might try to sell emails from Trump aides
- Group leaked documents from Republican president's campaign last year
- US has said group known as Robert works for Iran's Revolutionary Guards

By Raphael Satter

In online chats with Reuters on Sunday and Monday, the hackers, who go by the pseudonym Robert, said they had roughly 100 gigabytes of emails from the accounts of [White House Chief of Staff Susie Wiles](https://www.reutersconnect.com/all?search=all%3AL1N3ME1TV&linkedFromStory=true), Trump lawyer Lindsey Halligan, Trump adviser Roger Stone and porn star-turned-Trump antagonist Stormy Daniels.

Robert raised the possibility of selling the material but otherwise did not provide details of their plans. The hackers did not describe the content of the emails.

U.S. Attorney General Pam Bondi described the intrusion as "an unconscionable cyber-attack."

The White House and the FBI responded with a statement from FBI Director Kash Patel, who said: "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law."

Halligan, Stone, a representative for Daniels and the U.S. cyberdefense agency CISA did not respond to requests for comment. Iran's mission to the United Nations did not return a message seeking comment. Tehran has in the past denied committing cyberespionage.

Robert materialized in the final months of the 2024 presidential campaign, when they [claimed to have breached the email accounts](https://www.reutersconnect.com/all?search=all%3AS0N3JD00Z&linkedFromStory=true) of several Trump allies, including Wiles.

The hackers then distributed emails to journalists.

Reuters previously authenticated some of the leaked material, including an email that appeared to document a financial arrangement between Trump and lawyers representing former presidential candidate Robert F. Kennedy Jr. - now Trump's health secretary.

Other material included Trump campaign communication about Republican office-seekers and discussion of settlement negotiations with Daniels.

Although the leaked documents [did garner some coverage last year](https://www.reutersconnect.com/all?search=all%3AL1N3LW095&linkedFromStory=true), they did not fundamentally alter the presidential race, which Trump won.

The U.S. Justice Department in a September 2024 indictment alleged that [Iran's Revolutionary Guards ran](https://www.reutersconnect.com/all?search=all%3AS0N3KK00X&linkedFromStory=true) the Robert hacking operation. In conversations with Reuters, the hackers declined to address the allegation.

After Trump's election, Robert told Reuters that no more leaks were planned. As recently as May, the hackers told Reuters, "I am retired, man." But the group resumed communication after this month's 12-day air war between Israel and Iran, which was capped by [U.S. bombing of Iran's nuclear sites](https://www.reutersconnect.com/all?search=all%3AL8N3SR1DY&linkedFromStory=true).

In messages this week, Robert said they were organizing a sale of stolen emails and wanted Reuters to "broadcast this matter."

American Enterprise Institute scholar Frederick Kagan, who has written about Iranian cyberespionage, said Tehran suffered serious damage in the conflict and its spies were likely trying to retaliate in ways that did not draw more U.S. or Israeli action.

"A default explanation is that everyone's been ordered to use all the asymmetric stuff that they can that's not likely to trigger a resumption of major Israeli/U.S. military activity," he said. "Leaking a bunch more emails is not likely to do that."

Despite worries that Tehran could unleash digital havoc, [Iran's hackers took a low profile](https://www.reutersconnect.com/all?search=all%3AL6N3SS23O&linkedFromStory=true) during the conflict. U.S. cyber officials warned on Monday that American companies and critical infrastructure operators might [still be in Tehran's crosshairs](https://www.reutersconnect.com/all?search=all%3AL6N3SX0NH&linkedFromStory=true).

(Reporting by Raphael Satter; Additional reporting by Gram Slattery; Editing by Cynthia Osterman and Michael Perry)
