According to the Polish daily Gazeta Wyborcza, the spyware was acquired by Poland’s Central Anticorruption Bureau (CBA) in the Autumn of 2017.

CBA bought the spy software for 33,4 million zlotys (€7.84 million) from the Polish Matic company, which in turn acquired it from the Israeli NSO Group for 25 million zlotys (€5.86 million) Matic had an Interior Ministry license for IT services and arms dealing.

The bureau began using the Pegasus spy system on November 7, 2017, former Supreme Audit Office head and current Civic Coalition senator Krzysztof Kwiatkowski revealed in March 2024.

In December 2021, the Associated Press, citing Citizen Lab, reported that before the 2019 European Parliament and Polish parliamentary elections, CBA used the Pegasus system to spy on Senator Krzysztof Brejza’s phone 33 times, who at that time served as the head of the Electoral Staff of the Civic Coalition (KO), the then biggest opposition bloc.

Investigation ongoing

A Polish parliamentary commission started its probe into Pegasus on February 19, 2024, investigating accusations that the previous government had illegally hacked the phones of political opponents.

However, recent reports suggest that secret services also targeted former government politicians using Pegasus. On April 10, Justice Minister and Prosecutor General Adam Bodnar reported that approximately 31 individuals would be informed about their phones being compromised by Pegasus spyware, one of them being Marek Suski, a senior PiS member and a known loyalist of the party’s leader Jarosław Kaczyński.

At the end of April 2024, the justice minister revealed that CBA, the Internal Security Agency (ABW), and the Military Counterintelligence Service used the software against a total of 578 people between 2017 and 2022.

At the same time, Bodnar stressed in a March interview with the commercial broadcaster Polsat News that he was unaware of any deployments of Pegasus without prior court authorization.

Mariusz Kamiński and Maciej Wąsik, politicians who were at the time responsible for the functioning of internal services, including the invigilation with the use of Pegasus, are now candidates to become MEPs on behalf of PiS.

Pegasus internationally

In July 2021, the findings of an extensive international journalistic investigation involving 17 media outlets revealed that the Pegasus software had facilitated the tracking of over 180 journalists, 600 politicians (including three presidents and ten prime ministers), as well as a king worldwide.

Furthermore, the software was involved in the surveillance of 85 human rights activists and 65 business leaders in various countries.

The capabilities of Pegasus extend far beyond mere eavesdropping on conversations from compromised smartphones. This powerful surveillance tool enables unauthorized access to a plethora of sensitive data stored on the devices, including emails, photos, video recordings, and even control over cameras and microphones.