The Spanish government has said the mobile phones of the prime minister, Pedro Sánchez, and the defense minister, Margarita Robles, were both infected last year with the Pegasus spyware that its manufacturers claim is available only to state agencies.
In a hastily agreed press conference on Monday morning, Félix Bolaños, the minister for the presidency, said Sánchez’s phone was targeted in May and June 2021, while Robles’s was targeted in June 2021. Data was extracted from both phones.
Bolaños said the “illicit” and “external” targeting would be investigated by Spain’s highest criminal court, the Audiencia Nacional, adding the targeting must have come from abroad as any such monitoring in Spain would have had required judicial authorization.
“These facts have been confirmed and are irrefutable,” said Bolaños. “I don’t think now is the time to engage in supposition or conjecture about what the motivation may have been.”
The phones of other members of the government are being examined to determine whether they may also have been targeted.
The allegations come as the Spanish government faces questions about how Pegasus – which is sold by the Israeli company NSO Group – allegedly came to be used to monitor dozens of members of the Catalan independence movementincluding the president of the north-eastern Spanish region, Pere Aragonès, and three of his predecessors.
Last month, Aragonès told the Guardian the alleged targeting, revealed by Citizen Lab cybersecurity experts, constituted a violation of individual rights, an attack on democracy, and a threat to political dissent.
The Catalan regional government has pointed the finger at Spain’s National Intelligence Center (CNI), which insists its operations are supervised by the supreme court and that it acts “in full accordance with the legal system, and with absolute respect for the applicable laws”.
The Spanish government has promised an internal CNI investigation into the alleged targeting of Catalan activists, while Spain’s public ombudsman has also opened an independent investigation.
Aragonès has called for Robles – who oversees the CNI as defense minister – to resign, and his Catalan Republican Left party has threatened to withhold its support for the government in the national parliament.
The Catalan president said in a statement: “Any political espionage is extremely serious. We reported spying a few days ago but were not given an explanation by the Spanish government. When it’s massive spying on Catalan institutions and the independence movement, it was all silence and excuses. With this, it’s all moving very fast. Responsibility needs to be established straight away. A thorough, independent investigation remains urgent and responsibility needs to be taken.”
NSO Group said in a statement it would investigate “any suspicion of misuse” of its software, and would cooperate with any governmental investigation.
“While we have not seen any information related to this alleged misuse and we are not familiar with the details of this specific case, NSO’s firm stance on these issues is that the use of cyber tools in order to monitors, dissidents, activists and journalists is a severe misuse of any technology and goes against the desired use of such critical tools,” said a spokesperson.
“NSO is a software provider; the company does not operate the technology nor is privy to the collected data. The company does not and cannot know who the targets of its customers are, yet implements measures to ensure that these systems are used solely for the authorized uses.”
NSO Group claims Pegasus is sold only to governments to track criminals and terrorists. A joint investigation two years ago by the Guardian and El País established that the speaker of the Catalan regional parliament and at least two other pro-independence supporters were warned the spyware had been used to target them.
NSO group was placed on a US blacklist in November 2021three months after a consortium of journalists working with the French non-profit group Forbidden Stories revealed multiple cases of journalists and activists who were hacked by foreign governments using the spyware, including American citizens.
The Guardian and other members of the consortium also revealed that the mobile numbers of Emmanuel Macron, the French president, and almost his entire cabinet appeared on a leaked list of individuals who were selected as possible targets of surveillance.
NSO has said its spyware is used by foreign government clients to target serious criminals. It has also denied that any of its clients ever targeted Macron or any French government officials.