Iranian-Linked Hackers Target Senior Space Force Official’s Social Media Account
Why It Matters
The breach of a top Space Force official’s social media account underscores the growing threat of foreign cyber operations targeting U.S. military personnel during ongoing hostilities with Iran. The incident is part of a broader pattern of digital and information warfare that U.S. commanders have warned troops about repeatedly since fighting began.
What Happened
Hackers broke into the Instagram account of Chief Master Sgt. John Bentivegna, the highest-ranking enlisted member of the U.S. Space Force, on Sunday and used it to briefly distribute pro-Iran and anti-American propaganda content. Bentivegna addressed the breach the same evening via a Facebook post, urging fellow Space Force members to avoid clicking any links or interacting with videos posted from his account.
“We are working with the appropriate teams to regain access and resolve the issue as quickly as possible,” Bentivegna stated in that post.
A Space Force spokesperson confirmed the hack took place but did not say how long the content remained visible or identify those responsible. Among the propaganda material was a video that used audio recordings of “Hanoi Hannah,” a Vietnam War-era propagandist known for broadcasting messages aimed at demoralizing U.S. troops. The video also featured images of Ali Larijani, a senior Iranian security official killed during the ongoing U.S.-Iran conflict.
Space Force’s Role in the Iran War
Space Force has been a central player in U.S. military operations against Iran since American forces began bombing Iranian targets on February 28 of this year. Gen. Dan Caine, Chairman of the Joint Chiefs of Staff, publicly credited Space Force with employing what he described as “non-kinetic effects” to degrade Iranian air defenses at the outset of the campaign.
That prominent operational role may help explain why a senior Space Force official’s accounts became a target for Iranian-linked actors seeking to exploit the information environment.
By the Numbers
- February 28: Date U.S. military operations against Iran began, according to the Joint Chiefs
- March: Iranian hackers breached the personal email account of FBI Director Kash Patel, leaking old photos and correspondence
- Late April: Several U.S. Marine Corps personnel, civilian employees, and family members received threatening text messages from suspected Iranian hackers
- 1 threatening message reviewed warned recipients: “Your identities are fully known to our missile units, and every move you make is under our surveillance”
A Wider Campaign of Digital Warfare
The Instagram breach is one piece of a sustained information and cyber campaign running alongside the kinetic conflict. U.S. Central Command, which oversees military operations across the Middle East, has told lawmakers it received multiple threat reports warning that adversaries are exploiting commercial location data to track or monitor U.S. personnel in the region.
Iranian actors have also turned to artificial intelligence, generating viral videos mocking President Donald Trump, Defense Secretary Pete Hegseth, and the broader U.S. war effort. On the American side, the White House and U.S. Central Command have released professionally edited footage of military strikes, which observers have compared in style to modern video game aesthetics.
Military leaders have consistently reminded service members that personal phones and online accounts are potential vulnerabilities in a wartime environment, a warning the Bentivegna hack illustrates concretely. For more on how federal agencies are responding to foreign influence operations, see related coverage on the Pentagon watchdog’s review of U.S. military operations.
What’s Next
Space Force officials are working to restore Bentivegna’s account access and investigate how the breach occurred. No timeline has been provided for the investigation’s completion. Given the ongoing conflict with Iran and the documented pattern of cyber intrusions targeting military personnel, U.S. forces can expect continued pressure on their personal and professional digital accounts. Service members have been advised to exercise heightened caution with any communications originating from official-looking accounts.
About the Author
