The European Parliament is on high alert for cyberattacks and foreign interference in the run-up to the EU election in June.
POLITICO reported in December that an internal review showed that the institution’s cybersecurity “has not yet met industry standards” and is “not fully in-line with the threat level” posed by state-sponsored hackers and other threat groups.
One member of the security and defense subcommittee went in for a routine check on Tuesday, which resulted in a discovery of traces of spyware on their phone. The member told POLITICO it wasn’t immediately clear why they were targeted with hacking software.
Parliament’s Deputy Spokesperson Delphine Colard said in a statement that “traces found in two devices” prompted the email calling on members to have their phones checked.
“In the given geopolitical context and given the nature of the files followed by the subcommittee on security and defence, a special attention is dedicated to the devices of the members of this subcommittee and the staff supporting its work,” the statement said.
The new revelations follow previous incidents with other European Parliament members targeted with spyware. Researchers revealed in 2022 that the phones of members of the Catalan independence movement, including EU politicians, were infected with Pegasus and Candiru, two types of hacking tools. That same year, Greek member of the EU Parliament and opposition leader Nikos Androulakis was among a list of Greek political and public figures found to have been targeted with Predator, another spyware tool. Parliament’s President Roberta Metsola previously also faced an attempted hacking using spyware.
European Parliament members in 2022 set up a special inquiry committee to investigate the issue. It investigated a series of scandals in countries including Spain, Greece, Hungary and Poland and said at least four governments in the EU had abused the hacking tools for political gain.
Parliament’s IT service launched a system to check members’ phones for spyware in April last year. It had run “hundreds of operations” since the program started, the statement said.
