Several journalists critical of the ruling Bharatiya Janata Party-led government — including reporters from the Organized Crime and Corruption Reporting Project (OCCRP) and the Wire — and the head of a government-linked think tank in New Delhi also shared similar notices from Apple.
The flurry of notices, sent by Apple late Monday and early Tuesday, did not name the Indian government as the perpetrator or say whether the hacking attempts were successful. An Apple spokesman clarified that the company “does not attribute the threat notifications to any specific state-sponsored attacker.”
Ashwini Vaishnaw, the BJP minister of railways, communications, electronics and information technology, said on X, formerly known as Twitter, that the Indian government “takes its role of protecting the privacy and security of all citizens very seriously and will investigate to get to the bottom of these notifications.”
“Much of information by Apple on this issue seems vague and nonspecific in nature,” Vaishnaw said. “Apple states these notifications maybe based on information which is ‘incomplete or imperfect.’ It also states that some Apple threat notifications maybe false alarms or some attacks are not detected.”
But opposition politicians immediately accused the government of Prime Minister Narendra Modi of snooping and pointed to its similar hacking allegations made against it.
In 2021, hundreds of Indian phone numbers were found on a leaked list of potential targets for surveillance by users of Pegasus, a military-grade spyware that can crack Apple and Android smartphones. The list included phone numbers belonging to opposition leader Rahul Gandhi, journalists, senior bureaucrats and Supreme Court judges, The Washington Post found in a joint investigation with the Forbidden Stories journalism nonprofit.
The Indian government has never confirmed or denied its use of Pegasus; its developer, the Israeli firm NSO Group, has said the spyware is sold exclusively to government agencies. Citing publicly available customs records, the OCCRP disclosed last year that India’s Intelligence Bureau received a shipment of hardware from NSO’s office in Israel matching the description of equipment used to run Pegasus.
At least one person whose phone was found to be infected by Pegasus in 2021 — the journalist Siddharth Varadarajan, founder of the Wire online news organization — received notifications from Apple this week that he was being targeted by a state-linked actor. Two Indian journalists with the OCCRP also reported receiving the threat alerts.
Other iPhone users who said they received the alerts included Mahua Moitra, a member of Parliament from the Trinamool Congress; Priyanka Chaturvedi, a leader in a splinter faction of the Shiv Sena party that opposes the BJP; and several of Gandhi’s aides.
In its notice, Apple warned users that hackers could access their iPhone’s sensitive data, communications, camera and microphone.
Apple’s latest warnings were a reminder that “we need a clear answer from the Indian government on the use of spyware and hack-for-hire entities,” said Raman Jit Singh Chima, Asia policy director at Access Now, a digital rights group. “Accountability is the first necessary step to stop India’s descent into a surveillance state.”
An Apple spokesman said Tuesday that threat alerts have been issued broadly, not just in India, since they were implemented in 2021. “Apple has sent Threat Notifications to individuals whose accounts are in nearly 150 countries,” he said.
Apple’s revelations — even if they do not point to the Indian government — come at a sensitive time. The company, based in Cupertino, Calif., has been in talks with the Indian government about expanding its footprint in India as it diversifies its supply chain outside China.
Apple is also looking to make inroads with consumers and opened its first retail store in India in April at a launch attended by CEO Tim Cook. The company saw annual sales in India rise almost 50 percent to $6 billion during the year that ended in March, Bloomberg News reported.