At Least 20 WhatsApp Users’ Data May Be Compromised From Pegasus Attack
The WhatsApp Inc. mobile-messaging application WhatsApp and a Facebook Inc. logo are displayed on an the screens of mobile handsets in this arranged photograph taken in London, U.K. (Photographer: Chris Ratcliffe/Bloomberg)

At Least 20 WhatsApp Users’ Data May Be Compromised From Pegasus Attack


The government on Wednesday said personal data of 20 WhatsApp users out of the 121 users targeted using Pegasus spyware may have been accessed by the attacker.

Facebook-owned Whatsapp had said that Indian journalists and human rights activists were among those globally spied upon by unnamed entities using Pegasus spyware.

"WhatsApp continues to review the available information. It also mentioned that WhatsApp believes it is likely that personal data within the WhatsApp app of approximately twenty users may have been accessed out of approximately one hundred and twenty one users in India whose devices the attacker attempted to reach," Prasad said in Lok Sabha.

Also read: Israeli Spyware Used To Target Indian Journalists, Human Rights Activists: WhatsApp

On May 20, WhatsApp reported an incident to country's cyber security watchdog Cert-In, stating that it had identified and promptly fixed a vulnerability that could enable an attacker to insert and execute code on mobile devices.

WhatsApp also told Indian Computer Emergency Response Team that the vulnerability could no longer be exploited to carry out attacks.

Prasad said the government is committed to protect fundamental rights of citizens, including the right to privacy.

Also read: Government Wants To Conduct Audit Of WhatsApp Security System After NSO Espionage

"The government operates strictly as per provisions of law and laid down protocols. There are adequate safeguards to ensure that no innocent citizen is harassed or his privacy breached," he said.

In response to another question on malicious mobile apps stealing user data, the minister said the propagation of such applications, targeting mobile phones, are being reported globally.

"Such malicious applications could be used for stealing data from infected mobile phones for further misuse by cyber criminals," Prasad said.

The government has taken several measures to check malicious apps which includes issue of alerts and advisories about threats and vulnerabilities affecting mobile phones, along with countermeasures by CERT-In, he said.

"Security tips have been published to enable users to secure their mobile and smart phones by CERT-In. Government has operationalised the Cyber Swachhta Kendra to enable detection and cleaning of malicious code including from mobile and smartphones," Prasad added.

Also read: WhatsApp Expresses ‘Regret’ Over Pegasus Snooping Row

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.