You are here: Home » Current Affairs » News » National
Business Standard

121 Indians hit; we may never know Pegasus breach extent: WhatsApp to govt

121 users in India targeted, full extent of Pegasus spyware attack may never be known: WhatsApp told Govt

ANI  |  Politics 

Photo: Shutterstock

Electronics and Minister on Wednesday told the Lok Sabha that has informed that the full extent of targeting of mobile phone users, including 121 from India, using Israeli Pegasus spyware may never be known and the Computer Emergency Response Team (CERT-In) has issued a formal notice to the social media platform seeking submission of details and information.

In a written reply, Prasad said that attempts to malign the Government of India for the reported breach are completely misleading.

He said the government has taken note of the fact that a "spyware/malware has affected some users".

The minister said according to WhatsApp, this spyware was developed by an Israel based company NSO Group and that it had developed and used Pegasus spyware to attempt to reach mobile phones of a possible number of 1400 users globally that includes 121 users from India.

He said there are adequate provisions in the (IT) Act, 2000 to deal with hacking, spyware etc.

The minister said that CERT-In published a vulnerability note on May 17, 2019, advising countermeasures to users regarding a vulnerability in

"Subsequently, on May 20, 2019, WhatsApp reported an incident to the CERT-In stating that WhatsApp had identified and promptly fixed a vulnerability that could enable an attacker to insert and execute code on mobile devices and that the vulnerability can no longer be exploited to carry out attacks," the minister said.

"On September 5, 2019, WhatsApp wrote to CERT-In mentioning an update to the security incident reported in May 2019, that while the full extent of this attack may never be known, WhatsApp continued to review the available information. It also mentioned that WhatsApp believes it is likely that devices of approximately one hundred and twenty-one users in India may have been attempted to be reached," he added.

He said CERT-In has issued a formal notice to WhatsApp seeking submission of relevant details and information based on media reports on October 31, 2019, about such targeting of mobile devices of Indian citizens through WhatsApp by spyware Pegasus.

Referring to reports in a section of media, he said: "attempts to malign the Government of India for the reported breach are completely misleading".

"The government is committed to protecting the fundamental rights of citizens, including the right to privacy. The government operates strictly as per provisions of law and laid down protocols," said he.

The minister said that the Ministry of Electronics and is also working on the Personal Data Protection Bill to safeguard the privacy of citizens, and it is proposed to table it in Parliament.

First Published: Wed, November 20 2019. 17:12 IST