WhatsApp’s security systems are the target of an audit conducted by the Indian government, according to a new report, after a breach suffered by the mobile messaging platform earlier this year.
India’s technology minister Ravi Shankar Prasad revealed earlier this week that the Indian Computer Emergency Team, or CERT-In, has already reached out to WhatsApp for more information on its security.
“[CERT-In] sought submission of information from WhatsApp on November 9, 2019, including a need to conduct an audit and inspection of WhatsApp’s security systems and processes,” the minister was quoted as saying by Reuters.
WhatsApp hacking claims
The audit comes only a few months after high-profile WhatsApp users, including journalists, politicians, military and other officials in both India and foreign countries were hacked.
The breach was powered by spyware known as Pegasus, which was developed by Israeli security company NSO Group and specifically supposed to help governments across the world break into the phones involved in criminal investigations. NSO Group typically sells hacking tools to state authorities worldwide, however, the actors behind the breach are yet to be identified.
WhatsApp decided to sue NSO Group for facilitating the hack, but the Israeli firm responded by saying that its tools are only available for government clients.
According to Reuters, approximately 121 hacking victims are based in India, with several journalists and lawyers requesting the government to investigate the breach and share its relationship with NSO Group.
Interestingly enough, WhatsApp officials met Indian technology ministry officials twice this year, in July and September, but they “made no mention of the spyware,” as per the cited source. On the other hand, a security breach was reported to CERT in May, according to the technology minister.
WhatsApp has refused to comment on the audit kicked off by the Indian government.