The personal data of at least 20 WhatsApp users was accessed in the Pegasus spyware attack, the government told the Lok Sabha on Wednesday. The Facebook-owned messaging platform has said journalists, human rights activists and scholars were among those spied upon by unnamed entities that used the spyware developed by an Israeli company.

Responding to former Union minister Dayanidhi Maran’s question about the regulations and measures put in place by the government to protect financial data of users, Information Technology Minister Ravi Shankar Prasad reiterated the government’s commitment to protect the fundamental rights of citizens, including the right to privacy.

“On September 5, 2019, WhatsApp wrote to CERT-In mentioning update to the security incident reported in May 2019, that while the full extent of this attack may never be known, WhatsApp continues to review the available information,” the minister said in a written response.

Last week, the government denied it was behind the illegal surveillance of the devices. Congress MP Digvijaya Singh has demanded a Joint Parliamentary Committee inquiry into the security breach, pointing out that it was a threat to national security. He claimed senior members of government had entire information about the spyware and the breach. A parliamentary standing committee has also decided to look into the matter.

In October, it came to light that the security breach had occurred in a two-week period in May. Pegasus is sold only to government agencies, according to the NSO Group company that developed it.

On November 19, as many as 17 of the human rights activists, scholars and journalists targeted by the spyware wrote to the Parliamentary Standing Committee on Information Technology, asking it to summon officials from relevant government departments to investigate unauthorised surveillance operations. They urged the panel to ask the officials if they had purchased and deployed Pegasus.

Also read:

  1. Did Centre use spyware to tap WhatsApp calls? Minister parries query, cites laws granting such power
  2. WhatsApp spyware: How many people have been targeted by the Pegasus hack?
  3. Where is the personal data protection law that Indians were promised?