Amid raging controversy over the WhatsApp snooping allegations, the Facebook-owned company has responded to a notice issued by the Ministry of Information Technology on privacy breach allegations, saying that the platform had informed the government in September that 121 Indian citizens may have been targeted by an Israeli company’s spyware.
The information about the September letter comes amidst claims by government sources that they were “disturbed” that WhatsApp had not brought the privacy breach of Indian citizens.
A Reuters report on Friday said that not only Indian, citizens from other countries were also targeted in this WhatsApp hacking. The report said that officials from over 20 nations spread in five continents were targeted.
Apart from India, smartphones of government officials from the United States, United Arab Emirates, Bahrain, Mexico, Pakistan were hacked. Though so far, there has been no clarity as to who exactly ordered the snooping, the spyware developing firm NSO said that it sells the spying programme only to the governments.
News Nation has also found out that the May notification does exist. It was posted by the relevant Indian department on its website. It is still in public domain. A cursory glance at the homepage of CERT-IN, the government agency, which is responsible for the security of the Indian cyber community shows that the May notification was published under the sub-section of ‘Vulnerability Notes’.
‘A vulnerability has been reported in WhatsApp which could be exploited by a remote attacker to execute arbitrary code on the affected system,’ the notification reads. However, the government maintains that it was not informed about the breach. On May notification, the government officials have reportedly said that the May notification was ‘too technical jargon’, which had no mention of Pegasus or privacy threat to Indian users.
On May 14, News Nation had reported about the security issue in messaging app. In May, WhatsApp had asked users to upgrade the app to the latest version to prevent from major cybersecurity breach. The report clearly mentioned about the threat of Pegasus. “A spyware software called Pegasus owned a private Israeli company NSO Group is said to have taken advantage of WhatsApp’s voice call function to carry out the attack, according to media reports. The security vulnerability affects both iPhone and Android devices,” the May 14 report said.
The messaging app, which has about 400 million users in India, has been testing its payments service in the country since last year with about a million users. WhatsApp's service will compete against the likes of Paytm, PhonePe and Google Pay as and when it is rolled out nationally in India.