Pegasus Project: what has happened since the revelations?

By Karine Pfenniger
Infographics: Guillaume Meigniez

PEGASUS PROJECT | July 18, 2022

One year after the publication of the Pegasus Project by 17 international media organizations, coordinated by Forbidden Stories in partnership with Amnesty International’s Security Lab, the project continues to make waves.

Thanks to an unprecedented data leak, the international investigation revealed the existence of more than 50,000 potential victims of Pegasus, a sophisticated spyware tool sold by Israeli company NSO Group. Among the victims were journalists, human rights defenders, lawyers, politicians, academics, businesspeople, and even members of royal families and heads of state, including French President Emmanuel Macron.

The biggest cyber surveillance scandal since the Snowden revelations, the conclusions of the investigation published in July 2021 were promptly confirmed by forensic analyses conducted by French and Belgian authorities. Protests erupted in several countries and a number of investigations were opened by various international authorities, including by the European Parliament, which in May 2022 auditioned an NSO representative. Since the revelations, dozens of new victims have been identified around the world, in large part thanks to target notifications by Apple, which also filed a legal case against NSO Group. As for NSO, the Israeli company was placed on a US Commerce Department black list – a strong sign confirming the importance of the investigation.

In order to better understand and represent the shockwaves that followed the publication of the Pegasus Project, Forbidden Stories compiled and summarized all of the available information about the project and its international ramifications in the form of maps containing key statistics, including the number of confirmed victims per country. The data in these maps is based on publicly-available information from the publications of Pegasus Project members, as well as other media organizations, which are thusly credited. In the case of confirmed infections, Amnesty International and Citizen Lab reports constitute the primary source documents. Victims identified through other sources are clearly identified as such.

NSO clients that are classified as “confirmed” indicate countries that recognize having bought Pegasus spyware. “Suspected” clients indicate countries that have not recognized having bought the spyware, despite wide-ranging proof of Pegasus use.



Are you aware of information that is not included in this page? If so, please write to us at