Top EU officials hacked by Israeli Pegasus spyware

The European Union (EU) has found evidence that phones used by some of its top staff were hacked by Israeli spyware, the bloc's top justice official said in a letter seen by Reuters.

In a letter sent to European lawmaker Sophie in‘ t Veld, EU Justice Commissioner Didier Reynders said Apple told him in 2021 that his iPhone had potentially been hacked using Pegasus, a tool developed by Israeli surveillance firm NSO Group.

Apple's warning triggered an inspection of Reynders’ personal and professional devices, alongside other phones used by European Commission employees, the letter said.

While the investigation did not find "conclusive proof" of a hack, investigators discovered "indicators of compromise" – a term used by security experts to describe evidence that a hack occurred.

The letter did not provide further detail, with Reynders saying "it is impossible to attribute these indicators to a specific perpetrator with full certainty."

An investigation is currently active at the EU.

This is not the first time Europe's highest levels of office have been hacked. In April, Citizen Lab found that between 2020 and 2021, the UK Prime Minister's Office had been infected with Israeli spyware, alongside at least 65 supporters of Catalan independence in Spain.

Pegasus, which Citizen Lab calls a "mercenary spyware", has been used to break into the phones and computers of human rights activists, lawyers, journalists and faith groups, although the NSO group claims it only sells Pegasus to government agencies to target criminals and terrorists.

An NSO spokeswoman said the firm would willingly cooperate with an EU investigation.

"Our assistance is even more crucial, as there is no concrete proof so far that a breach occurred," the spokeswoman said in a statement to Reuters. "Any illegal use by a customer targeting activists, journalists, etc., is considered a serious misuse."

EU officials are yet to comment on the suspected hack.

NSO Group is currently being sued by Apple for allegedly violating its user terms and services agreement.

In April, Reuters reported that the EU was investigating if phones used by Reynders and other senior European officials had been hacked using software made in Israel.

Both parties declined to comment on the report at the time.

Reynders' letter which acknowledged hacking activity was written in response to inquiries from European lawmakers, who earlier this year formed a committee to investigate the use of surveillance software in Europe.

Last week the committee said it found that 14 EU member states had purchased NSO technology.

The letter – which was publicised by in 't Veld – said officials in Hungary, Poland and Spain had been or were in the process of being questioned about their use of Pegasus.

In 't Veld said it was important to find out who targeted the EU Commission, suggesting it would be particularly scandalous if an EU member state was found to be responsible.

The European Commission also raised the issue with Israeli authorities, asking them to take steps to "prevent the misuse of their products in the EU," the letter said.

A spokesperson for the Israeli Ministry of Defense did not immediately respond to a request for comment.