Pegasus Project: what has happened since the revelations?

Two years after the publication of the Pegasus Project by 17 international media organizations, coordinated by Forbidden Stories in partnership with Amnesty International’s Security Lab, the project continues to have global repercussions.

Thanks to an unprecedented data leak, the international investigation revealed the existence of more than 50,000 potential victims of Pegasus, a sophisticated spyware tool sold by the Israeli company NSO Group. Among the victims were journalists, human rights defenders, lawyers, politicians, academics, businesspeople, and even members of royal families and heads of state, including French President Emmanuel Macron.

The biggest cyber surveillance scandal since the Snowden revelations, the conclusions of the investigation published in July 2021 – promptly confirmed by forensic analyses conducted by French and Belgian authorities – led to protests in several countries and investigations by various international authorities, including by the European Parliament. In June 2023, it adopted with an overwhelming majority the recommendations made by its inquiry committee, calling on the European Union to institute stricter regulations around spyware.

Since the revelations, dozens of new victims have been identified around the world, in large part thanks to target notifications by Apple, which also filed a legal case against NSO Group. As for NSO, the Israeli company was placed on a U.S. Commerce Department black list four months after the revelations and in March 2023, the White House announced an executive order to ban U.S. government use of commercial spyware that “poses a risk to national security”.

In order to better understand and illustrate the shockwaves that followed the publication of the Pegasus Project, Forbidden Stories compiled and summarized all of the available information about the project and its international ramifications in the form of maps containing key statistics, including the number of confirmed victims per country. The data in these maps is based on publicly-available information from the publications of Pegasus Project members, as well as other media organizations, which are thusly credited. In the case of confirmed infections, Amnesty International and Citizen Lab reports constitute the primary source documents. Victims identified through other sources are clearly identified as such.

NSO clients that are classified as “confirmed” indicate countries that recognize having bought Pegasus spyware. “Suspected” clients indicate countries that have not recognized having bought the spyware, despite wide-ranging proof of Pegasus use.

Are you aware of information that is not included in this page? If so, please write to us at newsroom@freedomvoicesnetwork.org.