NSO Group in hot water

The phones of at least nine State Department employees were recently hacked through the use of spyware from Israeli company NSO Group, a report published Friday found.

Reuters cited four people “familiar with the matter” in reporting that iPhones of the employees were hacked over the past several months. The individuals targeted were based in Uganda or working on issues involving Uganda.

Company responds: NSO Group disputed the findings, with a spokesperson telling The Hill in a statement Friday that while the company had taken steps to crack down on the customers involved in targeting the employees — who Reuters said it wasn’t able to identify — NSO had no reason to believe its products were involved.

“Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations,” the spokesperson said. “To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case.”

Government responds: A spokesperson for the State Department declined to confirm the hacking efforts to The Hill on Friday, but stressed that “generally speaking the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected.”

Both NSO Group and Israeli company Candiru were added to the Commerce Department’s Entity List last month, effectively blacklisting the use of the companies’ products. The step was taken due to allegations that both NSO Group and Candiru had developed spyware programs and sold them to foreign governments to target individuals including dissidents and journalists, allegations that NSO Group has pushed back against.