Over 500 people targeted by Pegasus spyware in Poland, officials say
Poland’s national prosecutor said that nearly 578 citizens were targeted with powerful commercial spyware called Pegasus between 2017 and 2022.
Prosecutor General Adam Bodnar said on Tuesday that the largest number of infections, 162, occurred in 2021, according to local media reports.
Pegasus is an advanced commercial spyware sold to governments worldwide by the Israel-based NSO Group. The company says it is intended for uses such as criminal prosecutions and foreign intelligence, but it is often deployed to target activists, politicians and journalists.
Last week, Polish prosecutors said that they are building a case against current and former government officials believed to have used Pegasus against opposition party members and their allies.
The previously reported number of these suspected Pegasus infections was much lower — only 31 potential victims were summoned to appear at the prosecutor's office to share their stories.
This week, however, a top official of Poland’s special services, Tomasz Siemoniak, confirmed in an interview that the number of Pegasus victims exceeds 500 people.
According to him, some of the espionage cases were “justified” as they targeted those suspected of terrorism or were part of counterintelligence efforts. He admitted, however, that there were also “too many cases” when the use of Pegasus wasn’t justified.
Earlier in February, Polish Prime Minister Donald Tusk said he uncovered documents that “confirm 100%” that the prior administration — led by the Law and Justice (PiS) party — illegally deployed Pegasus to track a “very long” list of domestic targets, including amid the country’s election season.
In September, local senate investigators stated that the country’s 2019 elections were unfair due to the deployment of Pegasus, including against opposition leader Krzysztof Brejza.
Poland is one of a few European democracies found to be using Pegasus spyware to eavesdrop on its citizens. Spain, Greece and Hungary also have similarly deployed spyware in recent years, according to privacy advocates.
In a recent interview with Recorded Future News, John Scott-Railton, a security researcher at Canada-based Citizen Lab who helped uncover the Polish spyware problem, stated that Poland’s pursuit of accountability regarding spyware deployment has already progressed further than most investigations in the European Union.
"This commendable transparency is an EU first," said Scott-Railton on Tuesday, following the recent disclosure of Pegasus victims in Poland.
NEW: 578 people hacked with #Pegasus under previous government, confirms 🇵🇱#Poland Attorney General @Adbodnar.
— John Scott-Railton (@jsrailton) April 16, 2024
This commendable transparency is an #EU first.
Follows on heels of recent notifications by PL gov to victims.
Source (translated):https://t.co/XTKRdthVfj pic.twitter.com/TEfG3CK4zx
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.