wordpress blog stats
Connect with us

Hi, what are you looking for?

WhatsApp told MeitY in September that 121 Indians were targeted by Pegasus, MeitY reveals in Parliament

WhatsApp Pegasus

WhatsApp informed the Ministry of Electronics and Information Technology on September 5, 2019, that approximately 121 users in India may have been breached by Pegasus. MeitY revealed this in a written response (available below) to Lok Sabha MP Asaduddin Owaisi’s question raised in Parliament today. This completely undermines MeitY’s earlier statements that WhatsApp had not informed it about the scale of the breach. IT Minister Ravi Shankar Prasad’s earlier statement, wherein he sought a response from WhatsApp about the “kind of breach”, appears to be uninformed. MeitY’s answer also called reports about government purchasing Pegasus misleading and classified them as “attempts to malign the Government of India”.

Timeline of communication between MeitY and WhatsApp

Meity’s answer finally gives a timeline for the communication between the MeitY, Computer Emergency Response Team (CERT-In) and WhatsApp over the VoIP call vulnerability in WhatsApp that was exploited in May to plant Israeli spyware Pegasus in victims’ phones, which include 121 Indians:

  • May 17, 2019: CERT-In published a vulnerability note, advising users with countermeasures regarding the WhatsApp vulnerability.
  • May 20, 2019: WhatsApp reported the incident to CERT-In, stating that “WhatsApp had identified and promptly fixed a vulnerability that could enable an attacker to insert and execute code on mobile devices and that the vulnerability can no longer be exploited to carry out attacks”.
  • September 5, 2019: WhatsApp updated CERT-In, informing them that “it is likely that devices of approximately one hundred and twenty one users in India may have been attempted to be reached” via the May 2019 security incident. Also told CERT-In that “the full extent of this attack may never be known”.
  • Post October 31, 2019: On the basis of media reports that Indians were targeted using Pegasus, CERT-In issued a formal notice to WhatsApp seeking submission of relevant details and information.

Clever use of language by MeitY in answer

The answer suggests that until media reports on October 31, 2019, MeitY did not know that the breach involved installing NSO Group’s Pegasus spyware. But Financial Times, which first reported the breach in May, categorically said that Pegasus was the malicious software that was installed. This use of sophistry by the Ministry is disheartening.

The answer also practically repeated Prasad’s earlier statement: “The Government is committed to protect the fundamental rights of citizens, including the right to privacy. The Government operates strictly as per provisions of law and laid down protocols. There are adequate provisions in the Information Technology (IT) Act, 2000 to deal with hacking, spyware etc.” It also said that the ministry is working on the Personal Data Protection Bill “to safeguard the privacy of citizens, and it is proposed to table it in Parliament”.

[embeddoc url=”http://staging.medianama.com/wp-content/uploads/AS47.pdf” download=”all”]

Advertisement. Scroll to continue reading.
Written By

Send me tips at aditi@medianama.com. Email for Signal/WhatsApp.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ