At least 5 EU officials were attacked by hacking tools thought to have come from the Israeli NSO Group

Senior officials at the European Commission were targeted last year with spy software designed by an Israeli surveillance firm, according to two EU officials and documentation reviewed by Reuters.

Among them was Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019, according to one of the documents. At least four other commission staffers were also targeted, according to the document and another person familiar with the matter. The two EU officials confirmed that staffers at the commission had been targeted but did not provide details.

The commission became aware of the targeting following messages issued by Apple to thousands of iPhone owners in November telling them they were “targeted by state-sponsored attackers,” the two EU officials said. It was the first time Apple had sent a mass alert to users that they were in government hackers’ crosshairs, Reuters said.

Apple issued warnings to potential targets

The warnings triggered immediate concern at the commission, the two officials said. In a Nov. 26 email reviewed by Reuters, a senior tech staffer sent a message to colleagues with background about Israeli hacking tools and a request to be on the lookout for additional warnings from Apple.

“Given the nature of your responsibilities, you are a potential target,” the staffer said in the email, reviewed by Reuters.

Reuters was unable to determine who used the Israeli spyware to target Reynders and his Brussels-based colleagues, whether the attempts were successful, and, if so, what the hackers might have obtained as a result.

Reynders and his spokesman David Marechal did not return repeated messages. European Commission spokesman Johannes Bahrke declined comment. Apple declined comment.

Security researchers have said the recipients of the warnings were targeted between February and September 2021 using ForcedEntry, an advanced piece of software that was used by Israeli cyber surveillance vendor NSO Group to help foreign spy agencies remotely and invisibly take control of iPhones. A smaller Israeli spyware vendor named QuaDream also sold a nearly identical tool to government clients, Reuters previously reported.

NSO said in a statement that it was not responsible for the hacking attempts, saying the targeting described by Reuters “could not have happened with NSO’s tools.”

Also read: EP to launch a committee that will investigate NSO’s Pegasus.